{"report_id":"2dae725f-c986-403a-92fa-ae74c6b52c9d","version":6,"status":"done","tags":[],"date":"2026-02-14T04:31:50Z","url":{"schema":"https","addr":"htggxjig.click/","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"82.152.64.210","port":0,"asn":8851,"as":"GCI Network Solutions Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"htggxjig.click/#/pages/login/index","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"title":"登录","dom":{"size":75863,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3732)","md5":"498e50e826dfb8c469c9de383a9b873d","sha1":"aa6726608dd515d444765763e96e05210cb74339","sha256":"b6a909eb6aa9de3d06611315c2d7babbd7e60b43e0bb9b8e7a2a5f1294fb78bd","sha512":"455ca418c8403cd46ae06207378abacc08c19157ec03e2871a0fd229d6a13b02c309e066e9e298ed9a17b41ebfba1921d5c979aa144f7fe783572560056799d3","ssdeep":"1536:f2dZXEn1JiaUvXAANWTl7nET6EwUz4eFZ5sf/Zsfs/sfYSsf08rrxRco/G:ID","tlshash":"f773d832710e3a235533c888a4c4d72da126d723c4524598f7ad2f7e8fdbfd60a66b49","dom_hash":"domhash4c4a26533f0bd012e942b7416bb1db67","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"htggxjig.click/","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"82.152.64.210","port":0,"asn":8851,"as":"GCI Network Solutions Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T04:31:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"htggxjig.click","ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"domain_registered":"2026-02-08","domain_rank":0,"first_seen":"2026-02-13T13:47:09.184569Z","last_seen":"2026-02-13T13:47:09.184569Z","alert_count":60,"request_count":20,"received_data":1285202,"sent_data":9774,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"124.220.203.60","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-02-11T15:09:54.260395Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":445,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"at.alicdn.com","ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2008-06-25","domain_rank":96084,"first_seen":"2013-11-28T05:03:29Z","last_seen":"2026-02-11T12:52:54.685947Z","alert_count":0,"request_count":1,"received_data":56835,"sent_data":521,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"htggxjig.click/","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"93368157fb131b56a45d6f60f8b40342","sha1":"ea2a25edb7b00c3e0a06650f02fded5bd87dfa20","sha256":"c48d4859bc082aa591168f7d7230bef438ecc2b3074e707c83864e11ec1a891f","sha512":"366c90d022f7fd6718d76460de51a154cf6cf8bf8e3aefa2e0e736cbba24ec53506485331abd3c3c2a7e6ae00c9a3b957a9aa675ecdd389afca7863ad8365908","ssdeep":"","tlshash":"c8e068c260a6294c02208016304ac1031bb608729ec149613c4c67a58fb9f4bc46e859","size":352,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-08T02:01:06.931001Z","times_seen":4020,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/chunk-vendors.b9cd8f7a.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc482dfb164265338f7cd626f23dbfe4","sha1":"a6bebed5f7fb84db3f18026db5f30aff3df7bfa4","sha256":"456b1a5957805e4a15e44a4554aaf87c624a5000dcb183466a225f8470134470","sha512":"daa509eb0d2dc4fc4f262c8bcf62cac934766c59bbe63358c9bc3a4d6b8494f563b682c3c42554575c3872eec76eb7c2a1b4b33e02496bde3105dbf5529a2513","ssdeep":"6144:UTLoCHu0vjuYJdCqHLFpXtwTf3fTb//n7vkNTMHYEvm/40+QhAddvQz/gne+/LJm:cIUhJpdwTffn7ktdi0YvQzv+Q","tlshash":"4f05f78df282b0b50be761b5403f220bb2376969b40a84d4f675e4d0ad7894e6237f7d","size":837807,"data":"","first_seen":"2025-09-23T16:05:18.335984Z","last_seen":"2026-05-16T13:21:34.801121Z","times_seen":148,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-index-bid_orders-index~pages-index-index~pages-my-account-balance-index~pages-my-account-recha~a3ba5c73.ee50add9.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"02eb81ff98f1a64d8d6fdae6ab657ebd","sha1":"0d54a7f0e43ea9f69fdf37e16ce033e36247496a","sha256":"36543a42d4f0c8b935ff0d729e252029118bdd5a76002252896d8757badda18e","sha512":"121d1477c64b931dd28ce8b9aa1c758eee877e2e459ba252ab990a5c84e186980a9ba201723484ce4844dc35d578258cf4b822c9b40273ff4c6c36d5f8ab2589","ssdeep":"384:t/sFqzgmvTzb7kBnyXb2rVhmouLWb8y0r3uiOkzpxKYA6Y7Q:tkFSggTz/kBnyXSrVhmouLq8y0r+iO43","tlshash":"9a92e89bf2eeb86605d7c458941f050a61673e2dd430f680dff497fa0ae4ace0661f29","size":20514,"data":"","first_seen":"2025-12-25T06:44:02.623268Z","last_seen":"2026-02-14T04:31:56.20127Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-index-bid_orders-index~pages-index-index~pages-my-account-balance-index~pages-my-account-login~6a36a1e8.9e7f7369.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"337addc4fa5bbf62398c6e6d22fd3041","sha1":"7a548b005428b6aa0316fa7492e5a203948a6532","sha256":"67ef76c680d078cccd4fa9da4e6e83bc8d9ba6475f832ad142f6c41889bd2f18","sha512":"9126367a5568411bd82156f6a1833a1938049b35205cbb11a7c1684a90cfe6cfc00ea6dd8896a7acdef87f2e843166335a9ebfc23fed37e08de2aee2161ff26c","ssdeep":"192:rIrr3PrwVTTUvXE3xZkPCUrLZwy+qRsB4glaPOuiuiXiwiriHqRsT:rI3frgTTnCCOLZwm6ePOke","tlshash":"4a52604cb797142008538641d9ca571ad03df6b338359cc873d5a6cf8fa2bcd12a5b97","size":14375,"data":"","first_seen":"2025-12-25T06:44:02.622243Z","last_seen":"2026-02-14T04:31:56.194662Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-login-index~pages-login-register-index~pages-my-account-login-psd-index~pages-my-account-pay-psd-index.e3c2a966.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"b0eb9343adf33794be0f418b4c8d6c23","sha1":"9bf6d8ed3c18dbee6f5bce6349fb0139fb857a32","sha256":"b72aa89b8a6a08f8070457c9fc0779f643d9e356fd46f2fac901a284ec48db0a","sha512":"65ec62b9493565b0277ae13216deb1bf05936428217eaa73a9ffe166a96127fdc222c21d8b214a6836a2c1011de1b8da8a5274ee53deeb7968ffa8f1877423fc","ssdeep":"192:bwY9Mu9kcqRsV7RNbXnSRZ6itYIqDkYce4ICqEmvLx2OH3S97W1sX3z7K:bKojnuYdGmvLcOXSkeXi","tlshash":"5b42da5d708db9929ec3987061df5006d332365988a87490e7f566f407bab8c2336f6e","size":13060,"data":"","first_seen":"2025-12-25T06:44:02.613387Z","last_seen":"2026-02-14T04:31:56.197546Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/index.8ae7f8fc.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"f8045cf06c1b571a6931cae7329e498d","sha1":"bd8662b035e987b51019fd6c4ab9615f7a382555","sha256":"c265227371c4cbc93c7eb01ac4f42dbe19e683a35dd3d6967d59c35199f3fbd4","sha512":"b1f11faddfefb0e334892a88273f354d525de6f082c711854cd8a890ba7373c5792f3429c1401369d74c24b4120ddf35c040bd40a71a595d11a48297dff0dd30","ssdeep":"1536:W5Xsd4LptX9gD0yQiiogDJDLBdH+5NAqWB+eDbhbEJ+W/7h8XuC07x+dWe0adZX2:W5Xs4RiGNHmOqWB+eDlbEJ+ih80wWZx","tlshash":"fcd3199db2c5eadb29876865042fa70a71b73cb41009b481e3f1dad05fce78f516af24","size":140563,"data":"","first_seen":"2026-02-13T13:46:27.354045Z","last_seen":"2026-02-14T04:31:56.193832Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-index-bid_orders-index~pages-index-index~pages-my-account-balance-index~pages-my-account-recha~c80fbe36.8452822a.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ea0736e307a17856ef460a02a7b8b35","sha1":"be798a3ea3d3cdfec381e00510bb6dacf4325ef4","sha256":"78dd603b3bfc1cb5aa4c48ddeea143997bbca1b34369482880f5818f48111de7","sha512":"47f7f1f2b038bad20e1b92f8632dc24dbecc992da4ddb63612cd68b27ee36d41d043126604893f9da97d921375b35c463e4ffe9373b0f71b94b98cd974c96e90","ssdeep":"192:r4QvGJ3xqRsBR7eknRTeknycJMOFaPu7X/qRsFZUf1Vh:rV+quR1MOUu7S4ZUfN","tlshash":"6d42e716b08fb41a45938c5441ceab2820a67e179c90e5c1e3e6beb98bb379d2115f1f","size":12121,"data":"","first_seen":"2025-12-25T06:44:02.61901Z","last_seen":"2026-02-14T04:31:56.206196Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-index-index.0aa02dbb.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"542fa913d4ef1059531531fe8b18f3c5","sha1":"d178cafdb9bc7719279078f6dc0b063a24263841","sha256":"9c1940917f99af8d1f246e58309bddccc78d1cd7da2d711b7580390d82a5499c","sha512":"b0cd21de946d12d9a8458d3a3df357cc6a5761485a1b94aff39d1b6ca049b8ba9ed95f49758c3c1d4e63a87c0e2f3418f74a3aea2ab7e2133345169bb863825b","ssdeep":"768:4YaWMTamz9WsFf3WZn1b9544xSB0IDtz7t:Z3MTamp1Ff3WZn1bdxS2IDN7t","tlshash":"7953d91db1ceb8674fd35494108f0605927a3e68c8a1e545e7769fa48efe6ca022ff1c","size":63802,"data":"","first_seen":"2025-12-25T06:44:02.620013Z","last_seen":"2026-02-14T04:31:56.202071Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-login-index.f270d87c.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"d681fd48b65347e51b317bc092b2e709","sha1":"ee690c9a8d103d8e05be70749bf60c344289861e","sha256":"556327993dc06b2453fca86c73a37ff6820a956ede1b16f6b22363ac6eadfbcb","sha512":"efd8e8af451d00bfbd5db346fd141fd6d4a766d2c8fc6209bd7034cb0f441d9080d40a7ef3a0a3883ef3344f5f82570ed7fa3d2ed89930f405a142e81da1b9c2","ssdeep":"192:QTtTuqRsdHnlHCxJqRsBR7eknRTeknycJMOFaPuVCoaTL0TgcAzFmwRfRhiHiOsw:6xoH8ouR1MOUuBaTLC7SQjrZ","tlshash":"4382e925714af41e4953cc6860ca663850356f32d850f9c8f3b5adb98fe7b8f1226b1e","size":18665,"data":"","first_seen":"2025-12-25T06:44:02.609179Z","last_seen":"2026-02-14T04:31:56.190379Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-index-bid_orders-index~pages-login-index~pages-login-register-index~pages-my-account-balance-i~2a47be03.c662e659.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f58608dd4c16255982e905e26de8bdb","sha1":"4d85b9adb3573dd367cf6a669a907596cba82bb3","sha256":"80eaf89ec28cba9911ca5dcb84c467f94ccbb616ceb0f92dd9863e00449f9732","sha512":"394a1ac4034216885ca07ca96b5f25745498d38c6a930e2f1da330f93351e7788fa13aeb4ab6b135668e271e55d051a30c38c321df0bdf52fe8828e916339d25","ssdeep":"384:bg8M+RQ/x/fQTfluUXX2LlnJZfFqHyPcMjAiS7pMJ9T3X:bg8M+RQ/FfQDlNelnrfFqHRcAiS7pM7j","tlshash":"6eb2715eb0c9ad7b6fc65894001fa106238e6a45ccf0bd01b7b69be5cabe249211ff15","size":23698,"data":"","first_seen":"2025-12-25T06:44:02.608188Z","last_seen":"2026-02-14T04:31:56.206971Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-07T08:18:02.151537Z","times_seen":15899,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"htggxjig.click/static/shouye_active.png","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:31.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/shouye_active.png HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:32 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-1087\"\r\nExpires: Mon, 16 Mar 2026 04:31:32 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\nServer: nginx\r\nX-Cache-Status: MISS from L1:569\r\nVia: L1:569\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4231,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 16-bit/color RGBA, non-interlaced","md5":"8a1157f1bc6166bfc48c4d6886ec29af","sha1":"4bf57fb397f16bd4af3be6254e7aa753a594e8ec","sha256":"69bf39a05f85a38c773dc456ce7fedd85675ad41fb24f7700ba7af2ac4ed2648","sha512":"fbb055f15b3ba7a1b2903e92e54d4abd29ae08f7fc24f6462e824222017a1ecbb8a35701e22d35ffe23a5048015ba1b5f87fd5cc50518f6c47791c711977e7c5","ssdeep":"96:qNnoElf+beY/4r+bpjie3svmGpyPLzRtAC0JUMjXgXGK8KDF59WmKz:6oElfeeusM3suHPPsCOUMjQ38OFnRw","tlshash":"31916ec6a66e8f77a0d0617ed37f1047dc6b24a0b390793fb2209794ad108a136966d0","first_seen":"2025-10-24T23:20:42.006396Z","last_seen":"2026-06-06T12:58:51.815833Z","times_seen":139,"resource_available":false,"data":null}},"time_used":673,"timings":{"blocked":75,"dns":2,"connect":33,"send":0,"wait":520,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/dingdan.png","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:31.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/dingdan.png HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:32 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-f38\"\r\nExpires: Mon, 16 Mar 2026 04:31:32 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\nServer: nginx\r\nX-Cache-Status: MISS from L1:569\r\nVia: L1:569\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3896,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 16-bit/color RGBA, non-interlaced","md5":"f3a24f6ca5bf45b917d27c2e0e032b78","sha1":"3ad5be20f2fbc0adfa73ad2d201e6526dfd0ca86","sha256":"850806bb10faea2c83bf471a39b5f97f0590753d94f5ad31ae2c1d52f6e7a229","sha512":"2b4a42fadb9cc7359d775ca51ba91fd13a621325aa757ffc915d50c027d1fa94a35a2cd5475c744d444b07e567d7f99928134b81429ffdb70fce393f626f8ebc","ssdeep":"","tlshash":"b98139e042498ea5c91ae6fce074422590430b8f8d7f48dd6c29f06f537b97a26e8e90","first_seen":"2025-10-24T23:20:41.977731Z","last_seen":"2026-06-06T12:58:51.783325Z","times_seen":139,"resource_available":false,"data":null}},"time_used":682,"timings":{"blocked":77,"dns":2,"connect":36,"send":0,"wait":524,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-login-index.f270d87c.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:33.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/js/pages-login-index.f270d87c.js HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nCookie: s3f0a8f51=ko61s526p21e6nh7jccv8e5dqd\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:33 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-48e9\"\r\nExpires: Sat, 14 Feb 2026 16:31:33 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18665,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17507), with no line terminators","md5":"d681fd48b65347e51b317bc092b2e709","sha1":"ee690c9a8d103d8e05be70749bf60c344289861e","sha256":"556327993dc06b2453fca86c73a37ff6820a956ede1b16f6b22363ac6eadfbcb","sha512":"efd8e8af451d00bfbd5db346fd141fd6d4a766d2c8fc6209bd7034cb0f441d9080d40a7ef3a0a3883ef3344f5f82570ed7fa3d2ed89930f405a142e81da1b9c2","ssdeep":"192:QTtTuqRsdHnlHCxJqRsBR7eknRTeknycJMOFaPuVCoaTL0TgcAzFmwRfRhiHiOsw:6xoH8ouR1MOUuBaTLC7SQjrZ","tlshash":"4382e925714af41e4953cc6860ca663850356f32d850f9c8f3b5adb98fe7b8f1226b1e","first_seen":"2025-12-25T06:44:02.609179Z","last_seen":"2026-02-14T04:31:56.190379Z","times_seen":5,"resource_available":true,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/login_password.png","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:33.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/login_password.png HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nCookie: s3f0a8f51=ko61s526p21e6nh7jccv8e5dqd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:33 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-4ee\"\r\nExpires: Mon, 16 Mar 2026 04:31:33 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\nServer: nginx\r\nX-Cache-Status: MISS from L1:569\r\nVia: L1:569\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"47f7aaf05d0cf133529494865962232f","sha1":"b38dc0d902748eb633c99d1e0011af971ffd0cde","sha256":"f9b9970bdd7ab0752a3d2f8f1e51a6fea8afedfb6cd61881ce1bb3176f128e25","sha512":"aa5a63facefcd8f32e0c53bc882ba6cd40daa6c3516f902c2575cf3b434cb40860698249a34571cc39936874fadb2b588f889a5e1e5268ca023da398f92c75b8","ssdeep":"","tlshash":"7721e7e7b38da1baa6cce417144b34b0c8217778193cf6134cc16a38950e22617dce03","first_seen":"2023-07-06T07:50:35Z","last_seen":"2026-05-16T13:21:34.790055Z","times_seen":137,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T04:31:28.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:29 GMT\r\nContent-Type: text/html\r\nContent-Length: 774\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:59:35 GMT\r\nETag: \"693adc57-306\"\r\nAccept-Ranges: bytes\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":774,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (500)","md5":"e487f3bda21a9d03980f2034bec4e4d3","sha1":"ed524e607117ccec46a2dc243fa43d736418aeaa","sha256":"9a2d57134118ee978a4e4232a52f7565e003a2da2f2d027a536780c25023ce4f","sha512":"6694488f103fda196ac61b60270d327397da25f090eb2b370205b97d48dea1c6b8e6ab0460243a04cd278cdcf7c56676d02492a0cdf784a9ca03307bcd3a0bb4","ssdeep":"","tlshash":"1001b6c21c50f54d0720459164b6d61e49da4ab96951d9503cdc2aec4bd0b8ede3e815","first_seen":"2025-12-25T06:44:02.606508Z","last_seen":"2026-02-14T04:31:56.192744Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1486,"timings":{"blocked":483,"dns":415,"connect":32,"send":0,"wait":515,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/index.8ae7f8fc.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:29.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/js/index.8ae7f8fc.js HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:30 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-22513\"\r\nExpires: Sat, 14 Feb 2026 16:31:30 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":140563,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65165), with no line terminators","md5":"f8045cf06c1b571a6931cae7329e498d","sha1":"bd8662b035e987b51019fd6c4ab9615f7a382555","sha256":"c265227371c4cbc93c7eb01ac4f42dbe19e683a35dd3d6967d59c35199f3fbd4","sha512":"b1f11faddfefb0e334892a88273f354d525de6f082c711854cd8a890ba7373c5792f3429c1401369d74c24b4120ddf35c040bd40a71a595d11a48297dff0dd30","ssdeep":"1536:W5Xsd4LptX9gD0yQiiogDJDLBdH+5NAqWB+eDbhbEJ+W/7h8XuC07x+dWe0adZX2:W5Xs4RiGNHmOqWB+eDlbEJ+ih80wWZx","tlshash":"fcd3199db2c5eadb29876865042fa70a71b73cb41009b481e3f1dad05fce78f516af24","first_seen":"2026-02-13T13:46:27.354045Z","last_seen":"2026-02-14T04:31:56.193832Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1159,"timings":{"blocked":64,"dns":0,"connect":34,"send":0,"wait":769,"receive":252,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-index-bid_orders-index~pages-index-index~pages-my-account-balance-index~pages-my-account-login~6a36a1e8.9e7f7369.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:31.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/js/pages-index-bid_orders-index~pages-index-index~pages-my-account-balance-index~pages-my-account-login~6a36a1e8.9e7f7369.js HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:31 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-3827\"\r\nExpires: Sat, 14 Feb 2026 16:31:31 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14375,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13255), with no line terminators","md5":"337addc4fa5bbf62398c6e6d22fd3041","sha1":"7a548b005428b6aa0316fa7492e5a203948a6532","sha256":"67ef76c680d078cccd4fa9da4e6e83bc8d9ba6475f832ad142f6c41889bd2f18","sha512":"9126367a5568411bd82156f6a1833a1938049b35205cbb11a7c1684a90cfe6cfc00ea6dd8896a7acdef87f2e843166335a9ebfc23fed37e08de2aee2161ff26c","ssdeep":"192:rIrr3PrwVTTUvXE3xZkPCUrLZwy+qRsB4glaPOuiuiXiwiriHqRsT:rI3frgTTnCCOLZwm6ePOke","tlshash":"4a52604cb797142008538641d9ca571ad03df6b338359cc873d5a6cf8fa2bcd12a5b97","first_seen":"2025-12-25T06:44:02.622243Z","last_seen":"2026-02-14T04:31:56.194662Z","times_seen":5,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/kefu.png","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:31.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/kefu.png HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:32 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-1714\"\r\nExpires: Mon, 16 Mar 2026 04:31:31 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\nServer: nginx\r\nX-Cache-Status: MISS from L1:569\r\nVia: L1:569\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5908,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 16-bit/color RGBA, non-interlaced","md5":"72cb2277b6f2144aca9c40c3ecc0eb21","sha1":"a43073921decc5a97d1b28eb2b78769f3d8da290","sha256":"5197d9e217afe4efaf9206f6fe1c7ec3654c9693dbc29fefea16667b2bdc33db","sha512":"f0f15e4da7fd131bdee91c51549610dfe770c6a42e173f7e4c773f47e5f2bde2340cf0cd67a1c8071ce43e3e072169576512e887f6d5e9277b466b1560930058","ssdeep":"96:CrrBM6N6bZ+7566pgvRz66rmXUmUjhD69W6r6eo8q18N6sacwR229HCaQw:CrbcbZ+E6Kt6cmX7WhD69F6v8q1U6qwl","tlshash":"62c19f42bf71af898ba5367a59bf7e80f41410c7ad4770caec20f31c56a8904707db52","first_seen":"2025-10-24T23:20:42.007414Z","last_seen":"2026-06-06T12:58:51.802781Z","times_seen":140,"resource_available":false,"data":null}},"time_used":536,"timings":{"blocked":245,"dns":0,"connect":0,"send":0,"wait":280,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/api/sys/info","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:32.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"POST /api/sys/info HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\ntoken: \r\nContent-Length: 2\r\nOrigin: https://htggxjig.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: s3f0a8f51=ko61s526p21e6nh7jccv8e5dqd; path=/; HttpOnly\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nAccess-Control-Allow-Origin: https://htggxjig.click\r\nAccess-Control-Allow-Methods: GET,POST,PATCH,PUT,DELETE\r\nAccess-Control-Allow-Headers: Authorization,Content-Type,If-Match,If-Modified-Since,If-None-Match,If-Unmodified-Since,X-Requested-With\r\nAccess-Control-Expose-Headers: User-Token-Csrf\r\nContent-Encoding: gzip\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":180,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"2415389f173ea1ac10d101ef5590ece0","sha1":"af067afea070be519b1f7221a8d3f922cb310fa2","sha256":"2786d70920669eb8b841fde33ecd04d9ac93064f1dbea9306a9a6c60fa74d470","sha512":"51a6297b5b234fce76122cb2307ee03f9bea8750b40dc11cc176e51ada4d3892093030ea8d1f62bee6756745add958a6fa128cdb3f7bd0153cad7c78e0d466fd","ssdeep":"","tlshash":"6dc080cd5d184d0d263a5244cd093a08725cf117b8429cb6cbd4bde0ef45548f006533","first_seen":"2025-12-25T06:44:02.610146Z","last_seen":"2026-02-14T04:31:56.196486Z","times_seen":5,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-login-index~pages-login-register-index~pages-my-account-login-psd-index~pages-my-account-pay-psd-index.e3c2a966.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:33.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/js/pages-login-index~pages-login-register-index~pages-my-account-login-psd-index~pages-my-account-pay-psd-index.e3c2a966.js HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nCookie: s3f0a8f51=ko61s526p21e6nh7jccv8e5dqd\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:33 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-3304\"\r\nExpires: Sat, 14 Feb 2026 16:31:33 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13060,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12566), with no line terminators","md5":"b0eb9343adf33794be0f418b4c8d6c23","sha1":"9bf6d8ed3c18dbee6f5bce6349fb0139fb857a32","sha256":"b72aa89b8a6a08f8070457c9fc0779f643d9e356fd46f2fac901a284ec48db0a","sha512":"65ec62b9493565b0277ae13216deb1bf05936428217eaa73a9ffe166a96127fdc222c21d8b214a6836a2c1011de1b8da8a5274ee53deeb7968ffa8f1877423fc","ssdeep":"192:bwY9Mu9kcqRsV7RNbXnSRZ6itYIqDkYce4ICqEmvLx2OH3S97W1sX3z7K:bKojnuYdGmvLcOXSkeXi","tlshash":"5b42da5d708db9929ec3987061df5006d332365988a87490e7f566f407bab8c2336f6e","first_seen":"2025-12-25T06:44:02.613387Z","last_seen":"2026-02-14T04:31:56.197546Z","times_seen":5,"resource_available":true,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"124.220.203.60","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:33.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 04:31:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Sat, 14 Feb 2026 15:31:34 GMT\r\ncache-control: max-age=39600\r\nset-cookie: __uni__uid=rBEQiWmP+qaeP6+RA19BAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-08T09:36:29.244254Z","times_seen":16212,"resource_available":false,"data":null}},"time_used":1507,"timings":{"blocked":632,"dns":41,"connect":230,"send":0,"wait":241,"receive":0,"ssl":360},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"at.alicdn.com/t/font_2225171_8kdcwk4po24.ttf","fqdn":"at.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:33.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /t/font_2225171_8kdcwk4po24.ttf HTTP/1.1\r\nHost: at.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://htggxjig.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: application/octet-stream\r\ncontent-length: 55940\r\ndate: Mon, 09 Feb 2026 04:45:34 GMT\r\nx-oss-request-id: 6989666E5624273435789C4F\r\nvary: Origin\r\naccept-ranges: bytes\r\netag: \"B716002BF601F727176AE7901BDF4E4F\"\r\nlast-modified: Fri, 24 Dec 2021 20:51:06 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10201830100077572647\r\nx-oss-storage-class: Standard\r\ncache-control: max-age=63072000\r\ncontent-md5: txYAK/YB9ycXaueQG99OTw==\r\nx-oss-server-time: 2\r\nvia: ens-cache6.l2de4[634,633,200-0,M], ens-cache11.l2de4[636,0], ens-cache8.se2[0,0,200-0,H], ens-cache2.se2[1,0]\r\nage: 431159\r\nali-swift-global-savetime: 1770612334\r\nx-cache: HIT TCP_HIT dirn:6:23999050\r\nx-swift-savetime: Mon, 09 Feb 2026 04:45:34 GMT\r\nx-swift-cachetime: 31104000\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\neagleid: 2ff62c9617710434936658315e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":55940,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"GSUB\", 18 names, Macintosh,            ","md5":"b716002bf601f727176ae7901bdf4e4f","sha1":"e87c1130c27fa42d822c198f5ea8b633b5118b94","sha256":"4bc8cc97559c0a52ea4f5ce0563e1bf3a7f89d660f74792e662e76d49eae4707","sha512":"cd4d86bc27a8055bf4ba21730991acb71e32d1d8c3176b6aada3c8fcfbaacfabe3cf1c813665b4434b16c757587d38afb8fd61f3a84a440053a96b545187e672","ssdeep":"768:00Yo6KrRwXJDv2mjQ5PMWCUPQnNqcoocj9MNb5+kYfcUFO++wEMjQYVEh/gG+VeV:xY1dCpj8+kYfcUUXwjjQYV8/gBVE","tlshash":"3c437c2b835e4fb3d16a86f90c4f011b5fefd7206636f99664ca5c1e4402afd085cb9a","first_seen":"2023-04-09T15:26:02Z","last_seen":"2026-06-07T06:43:55.437248Z","times_seen":3693,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":283,"dns":35,"connect":7,"send":0,"wait":9,"receive":17,"ssl":238},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/index.883130ca.css","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:29.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/index.883130ca.css HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:29 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-1793e\"\r\nExpires: Sat, 14 Feb 2026 16:31:29 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\nServer: nginx\r\nX-Cache-Status: MISS from L1:569\r\nVia: L1:569\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96574,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"2de2f2d3943b4b382a28a439daff5939","sha1":"70d04e1c3567cb4f248b29046b98386f215a4d38","sha256":"8a35934d019c2b120a31ae6c51c75b2327f22637824b2a2c2faf4ce17ae9d4d8","sha512":"eba9271e30d6e4b21954078e3ccd839a55e1dcc8212fa375c18dce42104d19a92655c2f289401525b0c9565971a31573b928666515a3ca89b1801bbd48c1de95","ssdeep":"1536:OlIApuK7hmVmb2RS1Wu3xdynGJ7eh/nrhlvbc:VApuK7hmVrS1Wu3iG41nrPI","tlshash":"f393f73719012e39e52bcd26b6c1ab5a1e61c033e15307adfba47628cbcf9c9167b345","first_seen":"2025-07-20T12:48:29.443135Z","last_seen":"2026-06-08T12:08:40.163021Z","times_seen":2637,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":533,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-index-bid_orders-index~pages-index-index~pages-my-account-balance-index~pages-my-account-recha~a3ba5c73.ee50add9.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:31.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/js/pages-index-bid_orders-index~pages-index-index~pages-my-account-balance-index~pages-my-account-recha~a3ba5c73.ee50add9.js HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:31 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-5210\"\r\nExpires: Sat, 14 Feb 2026 16:31:31 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21008,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (18538), with no line terminators","md5":"02eb81ff98f1a64d8d6fdae6ab657ebd","sha1":"0d54a7f0e43ea9f69fdf37e16ce033e36247496a","sha256":"36543a42d4f0c8b935ff0d729e252029118bdd5a76002252896d8757badda18e","sha512":"121d1477c64b931dd28ce8b9aa1c758eee877e2e459ba252ab990a5c84e186980a9ba201723484ce4844dc35d578258cf4b822c9b40273ff4c6c36d5f8ab2589","ssdeep":"384:t/sFqzgmvTzb7kBnyXb2rVhmouLWb8y0r3uiOkzpxKYA6Y7Q:tkFSggTz/kBnyXSrVhmouLq8y0r+iO43","tlshash":"9a92e89bf2eeb86605d7c458941f050a61673e2dd430f680dff497fa0ae4ace0661f29","first_seen":"2025-12-25T06:44:02.623268Z","last_seen":"2026-02-14T04:31:56.20127Z","times_seen":5,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-index-index.0aa02dbb.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:31.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/js/pages-index-index.0aa02dbb.js HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:31 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-f93a\"\r\nExpires: Sat, 14 Feb 2026 16:31:31 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63802,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (59402), with no line terminators","md5":"542fa913d4ef1059531531fe8b18f3c5","sha1":"d178cafdb9bc7719279078f6dc0b063a24263841","sha256":"9c1940917f99af8d1f246e58309bddccc78d1cd7da2d711b7580390d82a5499c","sha512":"b0cd21de946d12d9a8458d3a3df357cc6a5761485a1b94aff39d1b6ca049b8ba9ed95f49758c3c1d4e63a87c0e2f3418f74a3aea2ab7e2133345169bb863825b","ssdeep":"768:4YaWMTamz9WsFf3WZn1b9544xSB0IDtz7t:Z3MTamp1Ff3WZn1bdxS2IDN7t","tlshash":"7953d91db1ceb8674fd35494108f0605927a3e68c8a1e545e7769fa48efe6ca022ff1c","first_seen":"2025-12-25T06:44:02.620013Z","last_seen":"2026-02-14T04:31:56.202071Z","times_seen":5,"resource_available":true,"data":null}},"time_used":444,"timings":{"blocked":74,"dns":2,"connect":33,"send":0,"wait":292,"receive":1,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/wode.png","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:31.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/wode.png HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:32 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-16dd\"\r\nExpires: Mon, 16 Mar 2026 04:31:31 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\nServer: nginx\r\nX-Cache-Status: MISS from L1:569\r\nVia: L1:569\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5853,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 16-bit/color RGBA, non-interlaced","md5":"718ea776dc2a446b53e6dedd153ec3d7","sha1":"d2e870e16e54c81e53166cde0142909ff88260b4","sha256":"a055a826b4639a1c1b1ee37ddc072861c4df8d69367bd91cb12f5dd4a2317229","sha512":"c70c3b3e381d7cb4f139ad7462515b70f4e152fcdfae87d23f1793e823fd45c156fcfc2bdbc8f60acb3d713ea98c99c7cddec0197b1b667f3e96549fc783d0df","ssdeep":"96:FCD8oKypmBrk69eUdpgyLoM1PVy2WNzHtb0hQzgnFI3KiwqbeeXXaiaVylfHyc1:kDXl8rqsVcM1PvWNzHtb0mgnFI3menaG","tlshash":"53c18d44ab54f0398703b6fb232b6fd16c7ea16b2b8504988274209c99adf66143f8a5","first_seen":"2025-10-24T23:20:42.004022Z","last_seen":"2026-06-06T12:58:51.750662Z","times_seen":140,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":250,"dns":0,"connect":0,"send":0,"wait":289,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/favicon.ico","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:32.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nCookie: s3f0a8f51=ko61s526p21e6nh7jccv8e5dqd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:32 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 11849\r\nConnection: keep-alive\r\nLast-Modified: Thu, 02 Oct 2025 05:47:39 GMT\r\nETag: \"68de11fb-2e49\"\r\nServer: nginx\r\nX-Cache-Status: HIT from L1:569\r\nVia: L1:569\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11849,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 89 x 101, 8-bit/color RGBA, non-interlaced","md5":"d22689c044f347076d89a6ca4feec5fe","sha1":"12c64d90cc1efcad4420de27dccae4535eefa8bc","sha256":"f1eff40ca74ef3471e7a148f564bb74d95454885320df9ad51bc441c991ab1bb","sha512":"23f66840cf4ca0787ab2e09968da1fa34ac86bf83ce0ad090d82e45f65dbf75a2228d9907bba36fc27ae36914776b727a263a37758054dbf3a90696dae493a1c","ssdeep":"192:7GAT62e7INHDzBLcdVIqXy24unSOu2tGGDrYWyBiSQ8GMnw4u48V8/sse+CQHp0G:BTDz9cLIqXvDnmwrYWyBiJnMwEk4JrN7","tlshash":"8332bf21571b2cc186e4dd317fb979e4145222ca523170482728f3a6f6b4d2e5f6bca3","first_seen":"2023-05-01T23:17:15Z","last_seen":"2026-06-08T00:44:04.861334Z","times_seen":1959,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/login_phone.png","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:33.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/login_phone.png HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nCookie: s3f0a8f51=ko61s526p21e6nh7jccv8e5dqd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:33 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-689\"\r\nExpires: Mon, 16 Mar 2026 04:31:33 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\nServer: nginx\r\nX-Cache-Status: MISS from L1:569\r\nVia: L1:569\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1673,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 16-bit/color RGBA, non-interlaced","md5":"18d0b94b8de47d88f135d3da5555cdd0","sha1":"fb2405cc9e323dfa62221acaccb4f8516e1ce6d8","sha256":"86869f3fe31fbe74e503ea5217b13392c921d497e7be1beba58dcc2b4b35394e","sha512":"c402b5286a4a198bf36ef5d63bc0fda57bba48e20f66cc486177a3aec2441dd6f61600ddc665654257d9322595c3fa6b0c9d88b4fd23d1bc63f0a746c55736a2","ssdeep":"","tlshash":"4d31f8b2c540cd649643613093b56100e09e98af8c053d8ff6e1e3bd9f5e98dba41481","first_seen":"2024-05-01T16:19:23Z","last_seen":"2026-05-16T13:21:34.81885Z","times_seen":136,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/chunk-vendors.b9cd8f7a.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:29.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/js/chunk-vendors.b9cd8f7a.js HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:30 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-cc8af\"\r\nExpires: Sat, 14 Feb 2026 16:31:30 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":837807,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33894)","md5":"bc482dfb164265338f7cd626f23dbfe4","sha1":"a6bebed5f7fb84db3f18026db5f30aff3df7bfa4","sha256":"456b1a5957805e4a15e44a4554aaf87c624a5000dcb183466a225f8470134470","sha512":"daa509eb0d2dc4fc4f262c8bcf62cac934766c59bbe63358c9bc3a4d6b8494f563b682c3c42554575c3872eec76eb7c2a1b4b33e02496bde3105dbf5529a2513","ssdeep":"6144:UTLoCHu0vjuYJdCqHLFpXtwTf3fTb//n7vkNTMHYEvm/40+QhAddvQz/gne+/LJm:cIUhJpdwTffn7ktdi0YvQzv+Q","tlshash":"4f05f78df282b0b50be761b5403f220bb2376969b40a84d4f675e4d0ad7894e6237f7d","first_seen":"2025-09-23T16:05:18.335984Z","last_seen":"2026-05-16T13:21:34.801121Z","times_seen":148,"resource_available":true,"data":null}},"time_used":1637,"timings":{"blocked":66,"dns":1,"connect":32,"send":0,"wait":755,"receive":743,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-index-bid_orders-index~pages-index-index~pages-my-account-balance-index~pages-my-account-recha~c80fbe36.8452822a.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:31.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/js/pages-index-bid_orders-index~pages-index-index~pages-my-account-balance-index~pages-my-account-recha~c80fbe36.8452822a.js HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:31 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-2f59\"\r\nExpires: Sat, 14 Feb 2026 16:31:31 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12121,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11133), with no line terminators","md5":"7ea0736e307a17856ef460a02a7b8b35","sha1":"be798a3ea3d3cdfec381e00510bb6dacf4325ef4","sha256":"78dd603b3bfc1cb5aa4c48ddeea143997bbca1b34369482880f5818f48111de7","sha512":"47f7f1f2b038bad20e1b92f8632dc24dbecc992da4ddb63612cd68b27ee36d41d043126604893f9da97d921375b35c463e4ffe9373b0f71b94b98cd974c96e90","ssdeep":"192:r4QvGJ3xqRsBR7eknRTeknycJMOFaPu7X/qRsFZUf1Vh:rV+quR1MOUu7S4ZUfN","tlshash":"6d42e716b08fb41a45938c5441ceab2820a67e179c90e5c1e3e6beb98bb379d2115f1f","first_seen":"2025-12-25T06:44:02.61901Z","last_seen":"2026-02-14T04:31:56.206196Z","times_seen":5,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/static/js/pages-index-bid_orders-index~pages-login-index~pages-login-register-index~pages-my-account-balance-i~2a47be03.c662e659.js","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:33.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"GET /static/js/pages-index-bid_orders-index~pages-login-index~pages-login-register-index~pages-my-account-balance-i~2a47be03.c662e659.js HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nCookie: s3f0a8f51=ko61s526p21e6nh7jccv8e5dqd\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:33 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Dec 2025 14:58:18 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"693adc0a-5c92\"\r\nExpires: Sat, 14 Feb 2026 16:31:33 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23698,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22286), with no line terminators","md5":"4f58608dd4c16255982e905e26de8bdb","sha1":"4d85b9adb3573dd367cf6a669a907596cba82bb3","sha256":"80eaf89ec28cba9911ca5dcb84c467f94ccbb616ceb0f92dd9863e00449f9732","sha512":"394a1ac4034216885ca07ca96b5f25745498d38c6a930e2f1da330f93351e7788fa13aeb4ab6b135668e271e55d051a30c38c321df0bdf52fe8828e916339d25","ssdeep":"384:bg8M+RQ/x/fQTfluUXX2LlnJZfFqHyPcMjAiS7pMJ9T3X:bg8M+RQ/FfQDlNelnrfFqHRcAiS7pM7j","tlshash":"6eb2715eb0c9ad7b6fc65894001fa106238e6a45ccf0bd01b7b69be5cabe249211ff15","first_seen":"2025-12-25T06:44:02.608188Z","last_seen":"2026-02-14T04:31:56.206971Z","times_seen":5,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"htggxjig.click/api/sys/info","fqdn":"htggxjig.click","domain":"htggxjig.click","tld":"click"},"ip":{"addr":"212.134.174.188","port":443,"asn":3257,"as":"GTT Communications Inc.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://htggxjig.click/","date":"2026-02-14T04:31:33.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"htggxjig.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 00:49:52 GMT","end":"Sat, 09 May 2026 00:49:51 GMT"},"fingerprint":{"sha1":"14:B9:2C:83:4D:68:04:F3:38:3B:49:1C:B5:8E:05:C4:68:4C:1B:E2","sha256":"26:29:51:4C:BF:E9:E3:98:5B:2A:9B:17:55:8E:62:80:83:34:B4:BA:E2:25:AB:EB:69:24:A9:96:D4:A2:6A:BB"}}},"request":{"raw":"POST /api/sys/info HTTP/1.1\r\nHost: htggxjig.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\ntoken: \r\nContent-Length: 2\r\nOrigin: https://htggxjig.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://htggxjig.click/\r\nCookie: s3f0a8f51=ko61s526p21e6nh7jccv8e5dqd\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 14 Feb 2026 04:31:33 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Credentials: true\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nAccess-Control-Allow-Origin: https://htggxjig.click\r\nAccess-Control-Allow-Methods: GET,POST,PATCH,PUT,DELETE\r\nAccess-Control-Allow-Headers: Authorization,Content-Type,If-Match,If-Modified-Since,If-None-Match,If-Unmodified-Since,X-Requested-With\r\nAccess-Control-Expose-Headers: User-Token-Csrf\r\nContent-Encoding: gzip\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":180,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"2415389f173ea1ac10d101ef5590ece0","sha1":"af067afea070be519b1f7221a8d3f922cb310fa2","sha256":"2786d70920669eb8b841fde33ecd04d9ac93064f1dbea9306a9a6c60fa74d470","sha512":"51a6297b5b234fce76122cb2307ee03f9bea8750b40dc11cc176e51ada4d3892093030ea8d1f62bee6756745add958a6fa128cdb3f7bd0153cad7c78e0d466fd","ssdeep":"","tlshash":"6dc080cd5d184d0d263a5244cd093a08725cf117b8429cb6cbd4bde0ef45548f006533","first_seen":"2025-12-25T06:44:02.610146Z","last_seen":"2026-02-14T04:31:56.196486Z","times_seen":5,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":291,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"htggxjig.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}