{"report_id":"2e82408c-2096-4c6a-8ac9-5e708f7b7a10","version":6,"status":"done","tags":[],"date":"2026-02-01T15:18:35Z","url":{"schema":"http","addr":"vv8815.cc/","fqdn":"vv8815.cc","domain":"vv8815.cc","tld":"cc"},"ip":{"addr":"20.24.198.210","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"title":"请进行安全验证(Security Verification)","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"vv8815.cc/","fqdn":"vv8815.cc","domain":"vv8815.cc","tld":"cc"},"ip":{"addr":"20.24.198.210","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-08T15:18:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"vv8815.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"vv8815.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.vv6538.cc","ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-01-08","domain_rank":0,"first_seen":"2026-01-19T16:21:35.636844Z","last_seen":"2026-01-26T18:00:05.84022Z","alert_count":13,"request_count":13,"received_data":1024517,"sent_data":9954,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"vv8815.cc","ip":{"addr":"20.255.72.148","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-04-30","domain_rank":0,"first_seen":"2026-02-01T15:18:36.064419Z","last_seen":"2026-02-01T15:18:38.823721Z","alert_count":2,"request_count":1,"received_data":503,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-04T02:02:25.009538Z","times_seen":203437,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/LAB.js?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"37099778d1430ee4ea3b99d1b134fa60","sha1":"9d0615ff0ee0aa505dd0cae0f36ac002f260025d","sha256":"ef54cbf2d9d5e44594b1bc098bbab1062968d8a283bab94afb7ba0bf8127c537","sha512":"3f4d7b7d82455b4fab51c73d96820a81b64a3665e00694d14e70c5f43d6c097d8e3539f8341ed22195441dab57ba6c93cf0e80603c8206a715b736948b3b4c2e","ssdeep":"96:kT2UR6vUmYM31LBIw9F5rrJOMz6kZFLU3Me0ijK1:WppmYy1mwP5r0HaUS1","tlshash":"eeb1b7863d8eb1b9cbca3061583fd3057175f943ec45d5c0d29ae1d1a83ae68016feae","size":5494,"data":"","first_seen":"2023-03-12T10:58:20Z","last_seen":"2026-04-03T23:52:05.930897Z","times_seen":402,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"2512414f817df8312569d55032748f81","sha1":"13467df6e962aa77bb36867ff1412e1ba9f8feb1","sha256":"e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de","sha512":"db6e4298746d519b0987bfa0feb89c39315718e178418e482b1c10c76439eae343afabf2db35ffaaa26c7ee6a3855084d39e9b88d35b11f87c354ceaf38874a0","ssdeep":"","tlshash":"a590029525c25101965295d4455b5c8450658675249569809180956259550205125cbc","size":47,"data":"","first_seen":"2023-04-11T22:25:25Z","last_seen":"2026-04-04T01:29:39.546998Z","times_seen":19198,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-04T03:31:36.58835Z","times_seen":593558,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/init_waf_captcha.js","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a4f906f6d0bc4f524da8f60a5080604","sha1":"aa240afc8c0ea7d74d918c5cbb060ed33e83e60c","sha256":"352d869b1b88441a64238f78e3c500515c42fa76b334236c5e08c5a85066afd9","sha512":"3c7f95e9f47d82105a486884db6ac4a267d11ef46a7a4ffdc6d0c89319b641ec86efaf216683f889a3a03484dc53ff946a1073839b51e42789665d6015289dc3","ssdeep":"768:cHmWbgiWcjlYXLOCiVFRbvbIrN8ilFm1XQmx8EQ8ifLLyEZWrRNE1SyVb0n+Miw8:rFNWcEzkNISMa","tlshash":"07f24140b3d1fc86039b9736332b71e1e82e49aa75980c8ee101fcd0f5ed91ad9e9671","size":37251,"data":"","first_seen":"2025-08-28T13:39:19.039339Z","last_seen":"2026-04-03T23:52:05.929895Z","times_seen":263,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/captcha/vendor.js?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:18:15.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/js/captcha/vendor.js?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:18:15 GMT\r\ncontent-type: application/javascript\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-58e44\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":364100,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (36185), with CRLF line terminators","md5":"d579110821d5e4bcb62aa7936b61acf3","sha1":"76d6ee2e7dc87857bae01e71fcdb05d8d1a33a38","sha256":"2856a9231d2b334d96facfecd1e5fc9b282f0a9a6e50c4be89d73cbc9f1e07e5","sha512":"cf03979cea5ea64cd51733e65e0c2031673b4ef0a02bc8564224923c2896ed8891821657b7314f88a9d725aeeedec8866a43b1674c7b0e208f382755a55a7765","ssdeep":"6144:MUBtLf6Bjk/7L6xtkQV0eLFL0zEOQR+iLa98Hrc:/cZvBV9Oo+iC","tlshash":"09743dc472d2b052c3db60a6272f7446f03ab89a54889c55f258e9d87c78d4bd13bfb8","first_seen":"2025-08-28T13:39:19.036303Z","last_seen":"2026-04-03T23:52:05.93191Z","times_seen":263,"resource_available":false,"data":null}},"time_used":391,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":391,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/layer/layer.js?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:18:15.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/layer/layer.js?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:18:15 GMT\r\ncontent-type: application/javascript\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-5665\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22117,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22020), with CRLF line terminators","md5":"47db0e57d73194c6a41bab5b4d55e860","sha1":"9db378fa8d56979e86519f483993486dc476902b","sha256":"69025fc1818313fb94c9ca4975c6a45e8385a6fd0ab9d0c60c0ac93cd997566e","sha512":"851e8630a4e631b332027850905245cb68ea56fddab22a8b7504bb4689c1a26b955ddf1b0ef23d1b1a0ecd83d668e115c9e10caf823029046a97a9f7b5c858b7","ssdeep":"384:N1xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:N1EiV3i+WtXItqF13k8","tlshash":"85a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","first_seen":"2023-04-07T19:23:28Z","last_seen":"2026-04-04T01:23:21.984812Z","times_seen":1046,"resource_available":true,"data":null}},"time_used":800,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":800,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/JsonpConvert/v3/jsonp?callback=callback_1769959103426\u0026fpv=H4sIAAAAAAAAA0srKAMAf8NCJQMAAAA%3D\u0026type=H4sIAAAAAAAAAysoTcoGAM5k6pUEAAAA\u0026wlocation=H4sIAAAAAAAAA1WNzQrCMBCEXyXkpKDJpumPqYh40ZNeVDyHNm2DtZE2tqL47m69CcvAfrM786aV6zxN6TAMrO%2FjSC5YltEZrVpTIK68v3cp5382X9t8JZMglipRAR4%2FOtNuStOMQXv3snWtecSATC62yd3QkcOJCGCwJAjicEmeo7R9KmTIYEp2Jrs6HoAAHEG2Fsvdk%2F9cjL%2FX2heuvWE6%2FsuxsdZN%2BdClQWSa%2BfmIyNsbriKJlYqUABkCfL7Uo%2Bz%2B3wAAAA%3D%3D\u0026_=1769959102599","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:18:23.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/JsonpConvert/v3/jsonp?callback=callback_1769959103426\u0026fpv=H4sIAAAAAAAAA0srKAMAf8NCJQMAAAA%3D\u0026type=H4sIAAAAAAAAAysoTcoGAM5k6pUEAAAA\u0026wlocation=H4sIAAAAAAAAA1WNzQrCMBCEXyXkpKDJpumPqYh40ZNeVDyHNm2DtZE2tqL47m69CcvAfrM786aV6zxN6TAMrO%2FjSC5YltEZrVpTIK68v3cp5382X9t8JZMglipRAR4%2FOtNuStOMQXv3snWtecSATC62yd3QkcOJCGCwJAjicEmeo7R9KmTIYEp2Jrs6HoAAHEG2Fsvdk%2F9cjL%2FX2heuvWE6%2FsuxsdZN%2BdClQWSa%2BfmIyNsbriKJlYqUABkCfL7Uo%2Bz%2B3wAAAA%3D%3D\u0026_=1769959102599 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Req-Token: 5c15334aa8ab432978ecda2272f7f20f\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:18:23 GMT\r\ncontent-type: text/plain;charset=utf-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":344,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (344), with no line terminators","md5":"9c0b031cd30a9964f7ffda0ea6744ec8","sha1":"dc1aa34e8bfe0de6d951b29db365be770c973b02","sha256":"c8becffc8166b3f8a3f509dbc3e41937c57466fdf60d1d62a0fdd855205f9ad1","sha512":"162ccf0aba26645b597ce66062116270bcb77a4d338aa8d0f65cd54af4773799b55fb6ffe3de480d176968512c5cf69db250d43eaf2510a1f4994e8ee24ea7d7","ssdeep":"","tlshash":"48e02db058d3e8ceb843fb882835815e5f1e0d8b3ecce80713608f0605259b14378306","first_seen":"2026-02-01T15:18:41.577124Z","last_seen":"2026-02-01T15:18:41.577124Z","times_seen":1,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-01T15:18:13.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /?id=372639792 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 521 No Reason Phrase\r\ndate: Sun, 01 Feb 2026 15:18:14 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache, no-store\r\nset-cookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899; Max-Age=300; Path=/; HttpOnly\r\nstrict-transport-security: max-age=31536000; preload\r\nx-request-id: 2b89a96fe97846f3c91e6c108a869d6d\r\nserver: ****\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"521","status_text":"No Reason Phrase","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"cb7dcd334327d9a355753a28eb4d119b","sha1":"51f8a7c76b9b216860e57d3b48d8c1850a9e5a4a","sha256":"491f0ac4341e58cf7aa27b9bfd64927c98f206a27e025aae1053e76848c1d1e2","sha512":"4f25ee783f345fb57f1baaa3b4e964ac37bc4415c2bb3210ac302cd983e798c80a7aaa6f17205d15bd893fc62b559967b4ddc776f3d2dff2005365b8a1d2ad99","ssdeep":"","tlshash":"89b012f05c10c4ac34b108c278f2f78c7c3490702403f404a0cc51142400b8ecf06c99","first_seen":"2025-10-21T05:54:48.942083Z","last_seen":"2026-04-03T23:52:05.933378Z","times_seen":261,"resource_available":true,"data":null}},"time_used":1618,"timings":{"blocked":691,"dns":215,"connect":234,"send":0,"wait":235,"receive":0,"ssl":239},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-01T15:18:14.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /?id=372639792 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 521 No Reason Phrase\r\ndate: Sun, 01 Feb 2026 15:18:14 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache, no-store\r\ncontent-encoding: gzip\r\ncontent-length: 16260\r\nstrict-transport-security: max-age=31536000; preload\r\nx-request-id: c1b298ba1ab4d0a5ec6f362c2b7cbd7c\r\nserver: ****\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"521","status_text":"No Reason Phrase","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25597,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (23159), with CRLF line terminators","md5":"8bcb748957e1764bc437d6fc7a50e7dd","sha1":"946608176eb082ad8d2af857ea4e62ea5f4953b6","sha256":"e247dedc842b809d1b0907f4db5cd9fad8053bda392609e4fd7ace2ce5c4a9ec","sha512":"3ec6a1f62d3c63502bd725bcf2c836119f85d0fffa599f9826deae63bb11d4aeccaf0929341c11ee5f54010bbcb58d8c4b95422770d731f8adc710aaafe4aca4","ssdeep":"384:lbXHd+/tYSUM1GEgMPl2vB0WHJ5Ore9NpUr3iq/PJXbGCQsnC/MdKBASzi:R90tlcMPl2vVJ/9MrzPJXbrQsnBGzi","tlshash":"f6b25c33468a6b293f73e5807916316aed5aa4dfa3435654f4cd32e38fe1a42cd5a8c0","first_seen":"2025-08-28T13:39:19.021468Z","last_seen":"2026-04-03T23:52:05.929297Z","times_seen":263,"resource_available":true,"data":null}},"time_used":318,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":317,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/init_waf_captcha.js","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:18:14.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/js/init_waf_captcha.js HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:18:14 GMT\r\ncontent-type: application/javascript\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-9183\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37251,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37251), with no line terminators","md5":"9a4f906f6d0bc4f524da8f60a5080604","sha1":"aa240afc8c0ea7d74d918c5cbb060ed33e83e60c","sha256":"352d869b1b88441a64238f78e3c500515c42fa76b334236c5e08c5a85066afd9","sha512":"3c7f95e9f47d82105a486884db6ac4a267d11ef46a7a4ffdc6d0c89319b641ec86efaf216683f889a3a03484dc53ff946a1073839b51e42789665d6015289dc3","ssdeep":"768:cHmWbgiWcjlYXLOCiVFRbvbIrN8ilFm1XQmx8EQ8ifLLyEZWrRNE1SyVb0n+Miw8:rFNWcEzkNISMa","tlshash":"07f24140b3d1fc86039b9736332b71e1e82e49aa75980c8ee101fcd0f5ed91ad9e9671","first_seen":"2025-08-28T13:39:19.039339Z","last_seen":"2026-04-03T23:52:05.929895Z","times_seen":263,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/css/captcha.css?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:18:15.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/css/captcha.css?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:18:15 GMT\r\ncontent-type: text/css\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-56e9\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22249,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5606), with CRLF line terminators","md5":"43ed1139663e680802f9d9c68815341c","sha1":"328bcda0a79c53787a60669b862d78da1d499bfc","sha256":"2d187196b8b4cd5d2dde9194526dfbb950ebd35d8acfe095270f7a16ed3d319f","sha512":"4ec4f43ad6b5e02ee3e350135454176574004bca294608bf83d90d30e1fff1a4563f0a2a1bcabab0c77142f4998e7aef96992356bb19b40440ac8cffea9bbae2","ssdeep":"384:WFpCiHpMZMYC4rFQivpZMYC4rFQivRP4D+MYC4rFQivNWSnqkYhMHF:WFpCiHmfC4xFvpfC4xFvRPeuC4xFvBqK","tlshash":"90a23a379e0b6ccb6f7d3d90e69c2a411e48b5639a2b468cf949005881d992dff2d1bc","first_seen":"2025-08-28T13:39:19.024465Z","last_seen":"2026-04-03T23:52:05.930429Z","times_seen":264,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/captcha/app.js?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:18:15.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/js/captcha/app.js?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:18:15 GMT\r\ncontent-type: application/javascript\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-775f6\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":488950,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6287fa0dac8ec2b9c41d2b2c3ee88963","sha1":"24a54aa9c14024cefbc8ddde6d97e75ad5c2dd73","sha256":"cabe60e28723988be9da0dcdffa01ad4db25afedb7abb2b7a7970acc6f3ee5e9","sha512":"befe0e713d72aa31e091d44f047aa860134bccc0f11b4ed4d953a8585a9cf6b8e2a06965c15928d96abb708436c342dc9fc01f43ca77a4ee3f28c27f67876bbc","ssdeep":"12288:j7xoVcmbGnWkHejXYCLb0atMAJYLzNdGqw06iwUKKvZxD8t9S/mtPIfY16/PIvzT:jO2mvkHerYCLb0aZJYLzNdGqw06iLKKY","tlshash":"43a46281b7c1fc4102175b76731a72f5f97ad9a9f488849ef001bda0f0e9913eae5272","first_seen":"2025-08-28T13:39:19.030011Z","last_seen":"2026-04-03T23:52:05.932434Z","times_seen":262,"resource_available":true,"data":null}},"time_used":816,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":816,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/layer/theme/default/layer.css?v=3.1.1","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:18:22.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/layer/theme/default/layer.css?v=3.1.1 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:18:22 GMT\r\ncontent-type: text/css\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-381f\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14367,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14367), with no line terminators","md5":"3d2e0d91c5c0b96abb8dbdc2234aba77","sha1":"9d55e153b30fd7414fada5718e20918e9c7f65e7","sha256":"e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc","sha512":"42bf3eff281998d088ce012b9a5910f72951c91715595572bb968fbfc5fa2b1cddacef3ca683a1734eb41114b302b6a4dad8b7432c5877b3563a080a2547ae05","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXiK6nMLPD2OtLzXyPHL/LztJDzyv2OQ7KGx1jyd2/SWz:1WmLr2OtSrzzt42OQ7KGx1jCWR2b+RcU","tlshash":"2e5221e144811299b0278721d6dc7eba32f88d43e5630daef257381f874c6dba2b6647","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-04-04T01:23:22.053653Z","times_seen":5842,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/JsonpConvert/v3/jsonp?callback=callback_1769959103662\u0026fpv=H4sIAAAAAAAAA0srKAMAf8NCJQMAAAA%3D\u0026level=H4sIAAAAAAAAAyvOyUxJjS8zAgDYAQiSCAAAAA%3D%3D\u0026type=H4sIAAAAAAAAAytJzS3ISSxJBQCDH2CXCAAAAA%3D%3D\u0026wlocation=H4sIAAAAAAAAA1WNzQrCMBCEXyXkpKDJpumPqYh40ZNeVDyHNm2DtZE2tqL47m69CcvAfrM786aV6zxN6TAMrO%2FjSC5YltEZrVpTIK68v3cp5382X9t8JZMglipRAR4%2FOtNuStOMQXv3snWtecSATC62yd3QkcOJCGCwJAjicEmeo7R9KmTIYEp2Jrs6HoAAHEG2Fsvdk%2F9cjL%2FX2heuvWE6%2FsuxsdZN%2BdClQWSa%2BfmIyNsbriKJlYqUABkCfL7Uo%2Bz%2B3wAAAA%3D%3D\u0026captcha_protect=H4sIAAAAAAAAAw3SN7arSAAA0QURQOMJJuhGAgQC4QUkc%252FDee63%252BvxXUDaqIuzVP42lLq%252Fj%252FaRm3PN0YPuKz6dYp3%252FSZE6%252B5p6PotvksMgZLXsRlSKJ4TftIv7JSzthRu0LnIRX67ZJ1%252FSPnAU7T0b3F6sFlltRXg9PqguuR71kxSAwSXcLr10NsAUesilhiGs%252FEeKdtSUaxyFQAeNtsY3sBjoHjsG4K3Fx29nLYaYbFhsjUBS94FfgtdFyb9gp%252B2HwLwwOx6uraYM%252BFR641npHgn2AdusfF%252BeuKOMyuylAwrt4GF5gUNgQnIZRbiT%252Bc4Og%252BtURWkVGwqTQm8lSpPn79YI25hqb3WYoK9im69dCfestsc68wpJ1hwMJrezvFamwAlWRcKuvTIpyUA%252FluitX6ElGqIKt8LEVJEfmBbt4Cp5qK5eh9zxwms6DCnw2olwSeAoGjO2Py4PWAH89wVXQVOF%252F%252FFSEOqpxx%252FKeoHKwo9PAUYjqxuPgKeEyNbiDdaB4Ym9enQBRriDeFXiUGFT2dBROhW43BLWg5zRdTbLhgnFy%252BIG2gO2Ybx6P8S6LwQ6xVTb5l%252BrAGMzY9jZZ6QZPVRrmDZrJg%252Bf3JVvAqh%252FkbydPw9diudHeR95UlkeIo35xQsM1OO%252BISy5UQR8mFqKOy1T0PCoU2j%252FrW1llvkUwY%252BbFnPmGuLYJiKruQq8ud9tIfopg97H1cLDXsTdkkipQDq3EPjuuUKpEVsnfmx9jOwR6G%252BRbIpqqX7bDppwyuBHjN2Q29Jvf%252BZIPXgc7dWaYgZJLBqXk1g91GrJQ3KIG2%252FYZuScbxJXuUij4kTjEsLNSzSQyjPKEgh3KkGc2dL%252FL%252Bp%252FVbLCqibZ%252FZ4jlMDWZDSuB%252Fvypy3opJx0RAFk1A%252FmTpqP8uX3OtE%252FZxWDblcZd5XLZjGoUn3zzY0R8sXJizXW1aXl3MICOJr6hZ4Toly7SzJtvZgvtWaagdendhrgec%252BYVZEc2%252Fv%252Fm1BdfxjAs%252BOmUJfzlFpTxQ%252FqMYjHgu7yQdrypY0ZIluWKXwxiyL5swoa6lzloQy%252BBWtmKlmhjrgt%252FdjvWea%252FPSrr3D9UkyLfYZ73N%252F2VwuLUoBpBaaHZ3cqLtmkc4giTRedCzVDDsPLJwUYyg2%252Fyz%252F%252FQPg1wb2QAQAAA%253D%253D\u0026originalImage=H4sIAAAAAAAAA0tLzClOBQAwaM0rBQAAAA%3D%3D\u0026_=1769959102600","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:18:23.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/JsonpConvert/v3/jsonp?callback=callback_1769959103662\u0026fpv=H4sIAAAAAAAAA0srKAMAf8NCJQMAAAA%3D\u0026level=H4sIAAAAAAAAAyvOyUxJjS8zAgDYAQiSCAAAAA%3D%3D\u0026type=H4sIAAAAAAAAAytJzS3ISSxJBQCDH2CXCAAAAA%3D%3D\u0026wlocation=H4sIAAAAAAAAA1WNzQrCMBCEXyXkpKDJpumPqYh40ZNeVDyHNm2DtZE2tqL47m69CcvAfrM786aV6zxN6TAMrO%2FjSC5YltEZrVpTIK68v3cp5382X9t8JZMglipRAR4%2FOtNuStOMQXv3snWtecSATC62yd3QkcOJCGCwJAjicEmeo7R9KmTIYEp2Jrs6HoAAHEG2Fsvdk%2F9cjL%2FX2heuvWE6%2FsuxsdZN%2BdClQWSa%2BfmIyNsbriKJlYqUABkCfL7Uo%2Bz%2B3wAAAA%3D%3D\u0026captcha_protect=H4sIAAAAAAAAAw3SN7arSAAA0QURQOMJJuhGAgQC4QUkc%252FDee63%252BvxXUDaqIuzVP42lLq%252Fj%252FaRm3PN0YPuKz6dYp3%252FSZE6%252B5p6PotvksMgZLXsRlSKJ4TftIv7JSzthRu0LnIRX67ZJ1%252FSPnAU7T0b3F6sFlltRXg9PqguuR71kxSAwSXcLr10NsAUesilhiGs%252FEeKdtSUaxyFQAeNtsY3sBjoHjsG4K3Fx29nLYaYbFhsjUBS94FfgtdFyb9gp%252B2HwLwwOx6uraYM%252BFR641npHgn2AdusfF%252BeuKOMyuylAwrt4GF5gUNgQnIZRbiT%252Bc4Og%252BtURWkVGwqTQm8lSpPn79YI25hqb3WYoK9im69dCfestsc68wpJ1hwMJrezvFamwAlWRcKuvTIpyUA%252FluitX6ElGqIKt8LEVJEfmBbt4Cp5qK5eh9zxwms6DCnw2olwSeAoGjO2Py4PWAH89wVXQVOF%252F%252FFSEOqpxx%252FKeoHKwo9PAUYjqxuPgKeEyNbiDdaB4Ym9enQBRriDeFXiUGFT2dBROhW43BLWg5zRdTbLhgnFy%252BIG2gO2Ybx6P8S6LwQ6xVTb5l%252BrAGMzY9jZZ6QZPVRrmDZrJg%252Bf3JVvAqh%252FkbydPw9diudHeR95UlkeIo35xQsM1OO%252BISy5UQR8mFqKOy1T0PCoU2j%252FrW1llvkUwY%252BbFnPmGuLYJiKruQq8ud9tIfopg97H1cLDXsTdkkipQDq3EPjuuUKpEVsnfmx9jOwR6G%252BRbIpqqX7bDppwyuBHjN2Q29Jvf%252BZIPXgc7dWaYgZJLBqXk1g91GrJQ3KIG2%252FYZuScbxJXuUij4kTjEsLNSzSQyjPKEgh3KkGc2dL%252FL%252Bp%252FVbLCqibZ%252FZ4jlMDWZDSuB%252Fvypy3opJx0RAFk1A%252FmTpqP8uX3OtE%252FZxWDblcZd5XLZjGoUn3zzY0R8sXJizXW1aXl3MICOJr6hZ4Toly7SzJtvZgvtWaagdendhrgec%252BYVZEc2%252Fv%252Fm1BdfxjAs%252BOmUJfzlFpTxQ%252FqMYjHgu7yQdrypY0ZIluWKXwxiyL5swoa6lzloQy%252BBWtmKlmhjrgt%252FdjvWea%252FPSrr3D9UkyLfYZ73N%252F2VwuLUoBpBaaHZ3cqLtmkc4giTRedCzVDDsPLJwUYyg2%252Fyz%252F%252FQPg1wb2QAQAAA%253D%253D\u0026originalImage=H4sIAAAAAAAAA0tLzClOBQAwaM0rBQAAAA%3D%3D\u0026_=1769959102600 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Req-Token: 2f611066856188c91c0f544492f88883\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:18:23 GMT\r\ncontent-type: text/plain;charset=utf-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":716,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (716), with no line terminators","md5":"cb4848a5546e9797ec511f9917afad78","sha1":"501cbfb684171e0a3ea9e3c06981b85a4b573918","sha256":"a080542bf990d35ea93841819bf3f38f6bba18ff7d031bd23adf5ddb5f7894e3","sha512":"055f7fcabbc7ddd5ceabc7a2bb5dce745c036c19d4d8f159a51545ff341771124cb1a94574427f79d55526cd08576b5edabc7193eb95191e807c2c19940e0d5a","ssdeep":"","tlshash":"1f01609cc42fa5352d82c7061d130e5d2a0811db0f1c6a98939801938d0883a2cb12de","first_seen":"2026-02-01T15:18:41.591602Z","last_seen":"2026-02-01T15:18:41.591602Z","times_seen":1,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vv8815.cc/","fqdn":"vv8815.cc","domain":"vv8815.cc","tld":"cc"},"ip":{"addr":"20.255.72.148","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-01T15:18:11.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vv8815.cc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Wed, 04 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9C:68:0B:90:13:2D:57:E9:B2:44:2A:43:D5:7D:D8:F6:D6:89:37:B3","sha256":"90:FE:EC:E6:F7:DF:92:A3:D1:4C:77:8C:FD:A4:06:E9:1D:E6:77:7A:E3:28:A8:FD:C3:EC:1F:ED:2B:B0:19:A8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: vv8815.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Sun, 01 Feb 2026 15:18:13 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: https://www.vv6538.cc/?id=372639792\r\nexpires: Sun, 01 Feb 2026 15:08:48 GMT\r\ncache-control: no-cache, max-age=0, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T03:31:09.46171Z","times_seen":13315120,"resource_available":true,"data":null}},"time_used":3569,"timings":{"blocked":1634,"dns":999,"connect":203,"send":0,"wait":302,"receive":0,"ssl":429},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"vv8815.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"vv8815.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/layer/theme/default/layer.css?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:18:15.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/layer/theme/default/layer.css?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:18:15 GMT\r\ncontent-type: text/css\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-381f\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14367,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14367), with no line terminators","md5":"3d2e0d91c5c0b96abb8dbdc2234aba77","sha1":"9d55e153b30fd7414fada5718e20918e9c7f65e7","sha256":"e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc","sha512":"42bf3eff281998d088ce012b9a5910f72951c91715595572bb968fbfc5fa2b1cddacef3ca683a1734eb41114b302b6a4dad8b7432c5877b3563a080a2547ae05","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXiK6nMLPD2OtLzXyPHL/LztJDzyv2OQ7KGx1jyd2/SWz:1WmLr2OtSrzzt42OQ7KGx1jCWR2b+RcU","tlshash":"2e5221e144811299b0278721d6dc7eba32f88d43e5630daef257381f874c6dba2b6647","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-04-04T01:23:22.053653Z","times_seen":5842,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/LAB.js?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:18:15.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/js/LAB.js?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:18:15 GMT\r\ncontent-type: application/javascript\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-1576\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5494,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5389), with CRLF line terminators","md5":"37099778d1430ee4ea3b99d1b134fa60","sha1":"9d0615ff0ee0aa505dd0cae0f36ac002f260025d","sha256":"ef54cbf2d9d5e44594b1bc098bbab1062968d8a283bab94afb7ba0bf8127c537","sha512":"3f4d7b7d82455b4fab51c73d96820a81b64a3665e00694d14e70c5f43d6c097d8e3539f8341ed22195441dab57ba6c93cf0e80603c8206a715b736948b3b4c2e","ssdeep":"96:kT2UR6vUmYM31LBIw9F5rrJOMz6kZFLU3Me0ijK1:WppmYy1mwP5r0HaUS1","tlshash":"eeb1b7863d8eb1b9cbca3061583fd3057175f943ec45d5c0d29ae1d1a83ae68016feae","first_seen":"2023-03-12T10:58:20Z","last_seen":"2026-04-03T23:52:05.930897Z","times_seen":402,"resource_available":true,"data":null}},"time_used":305,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/favicon.ico","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:18:15.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=ac8072b47026fc6a04332f1c3b2fd0a40ea2f71675a75d01714dd84afa091899\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 521 No Reason Phrase\r\ndate: Sun, 01 Feb 2026 15:18:15 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache, no-store\r\ncontent-encoding: gzip\r\ncontent-length: 16260\r\nstrict-transport-security: max-age=31536000; preload\r\nx-request-id: a4f1645a2b57023dc3b4bb98c2b02c4c\r\nserver: ****\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"521","status_text":"No Reason Phrase","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25597,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (23159), with CRLF line terminators","md5":"8bcb748957e1764bc437d6fc7a50e7dd","sha1":"946608176eb082ad8d2af857ea4e62ea5f4953b6","sha256":"e247dedc842b809d1b0907f4db5cd9fad8053bda392609e4fd7ace2ce5c4a9ec","sha512":"3ec6a1f62d3c63502bd725bcf2c836119f85d0fffa599f9826deae63bb11d4aeccaf0929341c11ee5f54010bbcb58d8c4b95422770d731f8adc710aaafe4aca4","ssdeep":"384:lbXHd+/tYSUM1GEgMPl2vB0WHJ5Ore9NpUr3iq/PJXbGCQsnC/MdKBASzi:R90tlcMPl2vVJ/9MrzPJXbrQsnBGzi","tlshash":"f6b25c33468a6b293f73e5807916316aed5aa4dfa3435654f4cd32e38fe1a42cd5a8c0","first_seen":"2025-08-28T13:39:19.021468Z","last_seen":"2026-04-03T23:52:05.929297Z","times_seen":263,"resource_available":true,"data":null}},"time_used":312,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":311,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}