{"report_id":"2ee2c19b-ebb8-48c7-bf8d-aa6f2bb6ccb3","version":6,"status":"done","tags":[],"date":"2026-02-01T14:02:09Z","url":{"schema":"http","addr":"3080app.com","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"http","addr":"3080app.com/m/index","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"title":"TikTok Luxury Shoppingˉ™","dom":{"size":69077,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (62220)","md5":"341a35798032b14028f4355d85c45693","sha1":"90ae830c1400c98d50df76c25cdb11d6d262bad1","sha256":"33644349b481de693b46fe32a284aa3e8aeee5cbbbcf7ea9a821a1ed9c9183dc","sha512":"502158a4f638013f375d815b0f123ab93634eea7ad5192ea1d0da9ea97309cbd45ca97d3c2961034d65e6c10b18ae411e39aab3a5a627114f7c9785634c5fe64","ssdeep":"768:yByKUeJaFjSJIVdbIIIIL+oKmyJ7oTl3VOjVokGWhcO1PgZ:OUeMIIIICYyJ7oTr","tlshash":"1963bf21a93308ab4133c8d4f4613f4971e2fb8ac3999281f67c4b2a5fd7d7478652e9","dom_hash":"domhashd56697194e65c7ca356d1d4c5b36a2ad","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"3080app.com","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-08T14:02:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"3080app.com","ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":270,"request_count":90,"received_data":1963043,"sent_data":32984,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}]},{"fqdn":"mx-worktt2026.shop","ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-01T14:02:14.733282Z","last_seen":"2026-02-01T14:02:16.770124Z","alert_count":82,"request_count":82,"received_data":13172535,"sent_data":39739,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-25T22:25:20.721908Z","alert_count":0,"request_count":16,"received_data":1880019,"sent_data":7130,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"334149adf44476f28bfbf16c7b0382c2","sha1":"ad2ea246ebb53ed655ab50d44b33d4d6f942387d","sha256":"6d2c0a450a04b5d1492f77d7e512fe6af26e95c2feac596825f45e71b9ffa4d6","sha512":"0f9d66a68e400a2499cc1dbd79331892e9e62e278d8b4784e354b7a281c91fcc1401eedb0857ff6911d842ea853d39081b459fbdc0e30d927ee93b5ba1ecdbea","ssdeep":"384:hpI8XyWPbWeAExXqgxH7RqzGbcQdVzxbUm6HwT9eei:LbXdyGbcczx/6QT9e1","tlshash":"f25285ce7861b0a757e320f0805f4a0fb2b6552a754d84a0f660e9f66db542e8733f5c","size":13638,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.11665Z","times_seen":1178,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c019be63e713ce6f2aa221c0df8fa0cb","sha1":"e5471888945144f233714d470959059c010eb667","sha256":"87e6aba4bd25be4196ad7f269a62de823242abe105df538f218d4e6e268f74ce","sha512":"6ca3ae5fb17dc20a2c27d4008454feb7cefc626bf104252354c1abd0977f73a315001d94293a7d4379ecfda6ba21d3f49a992f243a6f9249c935195527d407be","ssdeep":"384:BPdUYakDlUGQrDQxMQ4rJaT30WCxQI1cg:DUYzhUGmUMQUX3","tlshash":"cea2b7c6f56270270a9260e5183f1107a33f241d648d855df2d6e8ee2ebdd8e91a3f39","size":22805,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.100935Z","times_seen":1153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.7/index.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc6dfa2d326274455390160572856dce","sha1":"efd937a0eaa2f39487b612814c98c37a752c9a2a","sha256":"bc09e54472585388c0ef0b58e5818a448f03b5671df4120da425cd6cac70fb79","sha512":"d42e99eb85cefb310ba46cf4a5fd9514f6804d4fa95f312178b0b54723db60950908465b257cd7160e2a67e56b1b2855bada2e67f56c992f53fad520bb7a73f6","ssdeep":"6144:jlrTktiHOvAeyErnMb/KeG4tVhkiIAUYxRtS8islZST79eA:jNktiHOvAeyErnMb/0G1TUARQ79eA","tlshash":"e1c41a8d72c5b53147a36070103f250bb33b299ca40980dcb679d9ea6dbd909626ffbd","size":590640,"data":"","first_seen":"2023-03-11T09:11:20Z","last_seen":"2026-06-07T10:47:43.44918Z","times_seen":641,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa93e8894edb6245ab03883633b12b6e","sha1":"e3ba4c7d1a8876090756fd31715b4f6af6fd649e","sha256":"3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15","sha512":"263612833aa8f4ad08798184b25311604f1a3bdb6aecacb71103661159007ba0a9d7803094930b3276f47e980492bdd8c49f208508ab88ebd9c0875166278621","ssdeep":"","tlshash":"0c8124b0bb8d35ab0e0e21145b1f60cd927ce43a085949f6ec9df1321468c2e977ad6e","size":3883,"data":"","first_seen":"2023-03-07T12:01:36Z","last_seen":"2026-06-07T15:52:31.218978Z","times_seen":3334,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"32e2eb91e6ed0512057b2ad1e6d1b242","sha1":"27809df1b99a4b81b6b82ba2985cdd4b1c8bebb6","sha256":"e8707a396dd2f8d74eaaeb2f784074a24d7a71cbe15dcc70297f726b31c160d5","sha512":"0ab7b445b586dd27a0aeb72396350982783129c9ba028ba1db847c9d2acc0de9c90c3c9636e76a21553fedf81031220f3676ea64bf7336644c04da33d744563d","ssdeep":"384:UUcnX3xpR5tumD+EaKGZRpqB1UdEPQFWmexTMCJ:7E3jXtuW+qGZK1UCP5mqMk","tlshash":"01b2c7ddb581b03547e326a0412f250bf27b358db44e8498f269e4d52cba85ec42bf79","size":24822,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.190705Z","times_seen":1171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ac19265b38d14235141d184bca54d9a","sha1":"c725eb5a33d093e331e25c3a5ef1272b0f1f648c","sha256":"e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e","sha512":"6476ae51cfef0724ba254cff1e5d68f2cda477840954b01b933f1c9608ed6ca5094fe006d5cef7e5a32d54b25fb4a418a3e2c3eb642bcafa0d6bebaacbeac21d","ssdeep":"1536:O/pPCitsufJthaK85kqzOAkRlojU6tU8r5MhkhGllpcXvH7WcWUKcOqylFE8BtOa:+JthJkOAkaRaaGl4fH7WcWUKcOqjtYD","tlshash":"2bc31849b35071e551e72256539ed601a3b66845b90ac0a831b2d8d7acbce8c03bfffd","size":128745,"data":"","first_seen":"2023-03-07T12:58:52Z","last_seen":"2026-06-07T13:47:28.132217Z","times_seen":2387,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.1/swiper-bundle.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"38ef180eaf570243775427085e2ea834","sha1":"e0d97d1c702c90dbb22a6294b3c1e4126ba1662a","sha256":"b624e1e378abe009ef0de69a698b0a3e734af47efcdbd6816d5fcb8fc64c8bfe","sha512":"9da1101bbe0870e2d0e8afc1d4f9a121c6788b7604d855ecdb39bad37135437b216eba27f8f9982e0e38feafb1032983fd1bec919d87f25d506bb239a842e5ae","ssdeep":"3072:NJvgjudkXhYnafpoy9v8cIWyUaV4y+oGeJhyEfrNK/MxF:NJvgidkXhYnafpl9v8cIWybV4y+oGMAQ","tlshash":"c0e3f8896360b1a552e3268b93a9c611e3b51400b409c4e871bd4c9b6d7ed9813ffffe","size":143070,"data":"","first_seen":"2023-03-07T01:27:55Z","last_seen":"2026-06-07T07:45:16.076416Z","times_seen":465,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-vendors.0959c18b.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"59718baba413ffce8af627b8a687fb33","sha1":"7ad82303fcd29efcdad03df36319183f8787d4c8","sha256":"95732ae511ea64b6041ef117de0b516f6523a1d657c809f3117a0c9fc42fdf0c","sha512":"9a8210c594b1ff6caec54315030f045a86dcc4d2fdc681a767730e524dac8240f6038b6ce225bce1b0415f7ebc802d7fc47102fb86069fc6baf6d037790e8dad","ssdeep":"768:WscXuLZN8ZzldBKOpNtWVw5iVJonYrQBOJJB2GfJbrCGVuZgdpGd+cH0iIWRiAVo:5cXub8Zzl7bD/YowQKL4+cHdIziAAg5l","tlshash":"4533c788f2e6f074479761a4402f600bf279ad55744e88a8f225e4d1bdb8dce847bf38","size":51996,"data":"","first_seen":"2024-06-11T23:26:00Z","last_seen":"2026-06-01T10:56:00.256892Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"0d75a045ada91e8b297dc25ca5080ebc","sha1":"5459c8d31303d82ae64e465707ea4c0b774a26f7","sha256":"3bbcd117f9c743158fa2c3e85837cada012be7f205946287fe8dd509c7a317ba","sha512":"7a44155e399fa84ca4f908072115d470b687598d9d35ccde28025515a3f312cc1bbcdc6bc8a464e278f28d3563ade49f32a6d0099033870d1bd61dad4beeede5","ssdeep":"","tlshash":"a3a002a363459b385cdd3ba65470cb9a3c385121bc16b445450d1920c5a8ec2445bd94","size":67,"data":"","first_seen":"2023-03-07T18:08:41Z","last_seen":"2026-06-01T10:56:00.263506Z","times_seen":266,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"2675fab97e66abb2dc482356efb999b7","sha1":"3311edff263714f305e1e345e152bbee777cc844","sha256":"bc87ac65daaf5582b0084af46d5f173f84e35b6b39733943e908fd9023cf3bb6","sha512":"6d1ed57e31ecba4fd8d5e5bad006be0928245259a0d0a57a6c99029dc00cb4d2e74f0ee31a7c4e198b51bef9c544d9a55c559aad033e38acf75be73bb53873bc","ssdeep":"","tlshash":"121180cb99618a6896e214ee36fe3750b573e052f9446130751fcd103d9c70f036aaeb","size":889,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.236674Z","times_seen":1123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vuex/3.1.1/vuex.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c66594705de51675f08e3b83b9b9b38c","sha1":"40fa40f722043957a56324174ec6f80389391971","sha256":"e973901e74ff65888bbe2e58b95cfb957d5db316bb185a106f543d99176d1d65","sha512":"3cb0d6b77ac49d3c6c5c5740efa2fd9e3e0c79158c88a9d4f0b709f4713a38a7b72109a2b4c636377c783effc3c6457c718d8cdc2e9c7577db9691562e95375f","ssdeep":"192:90DuIfY7JtjC5ydUypH82+H8urFLR7BD4GOUo1MQl+B2GHPpB3QE7WA+MWnBP:9guIw7JtWqmhfldD4Eo64UgH3nx","tlshash":"4f1261ccf661b0764a377460623f120fe276a46d200a4468f598e4ef6cbe14d94abf3c","size":9875,"data":"","first_seen":"2023-03-07T12:05:56Z","last_seen":"2026-06-07T01:38:16.191432Z","times_seen":1411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/lib/jquery-1.11.2.min.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6355f3cc28006e33bad2e765cde30e0d","sha1":"909cd6318d5047f3c8e83528253b256981394414","sha256":"39eed2d24faf4985b922b64d078f106edba6b3b84d5385e483a5c7bd69201da7","sha512":"b22d3868a7b311f82bb149f8afccee03c68dcd5e7152a061b8e18d97aef794b106dd1cc081d49f4d638193924ffa5885239cf67152fc339ff0cf3cd1d194d175","ssdeep":"1536:0Hg1kz+hAmcGmVFnlkFybx+amELolY+30k1dml+BQZX6YPnrCtn8JkDnlwMxVW2:0HDdc2F3c2G7mIW2","tlshash":"13930add76c2b06387a720b9506f550bf276599e280c4440f268e8fabc7ca49a137f7d","size":96382,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T18:09:19.523096Z","times_seen":1824,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"17e942ea0854bd9dce2070bae6826937","sha1":"434cdec1669f2c6c7406297a72120936bc56ed52","sha256":"72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26","sha512":"3f0439fa3817c71a6b34673cd32707137b29823e93b8389e1deff24e46c427e5396a897b753ba98bfe156f01c7ce54155bbed56f418b388b22622807802e6f72","ssdeep":"1536:1UXY7qLtpHt2Pqe1mZ8I6H82RaLiMBlo2VV2B/S/g:MYeJpN2yefjMBlPV00/g","tlshash":"529308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","size":93675,"data":"","first_seen":"2023-03-07T01:18:07Z","last_seen":"2026-06-07T08:22:31.044218Z","times_seen":4057,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0a01fa31e644ca44836356a172ba7c9","sha1":"e81438a79e8a7f34423168c70696cff2a820dbf1","sha256":"840ea076b43dbf564a909bb082dc287740a96f3c4483fcc024f7176306daecc7","sha512":"a18f9c600996f8f31c046e80334cc794efff550c2286bc822ba7bbc197d99e4ce5f032133866b18cb9743a717b76e578cdb2a9fb5f6ebe42614d08ea1ea2e47c","ssdeep":"1536:XFWQV1ZGORGWiB67hAHLY/IyYT3uu+OLFckh:XFW8tG967hAHM/IyYT/Law","tlshash":"5853e8c5f46134a213e7a2b582bf11032376953a640c85b4b798dcf98d7d98c532bf7a","size":62797,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.117219Z","times_seen":1156,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/app.09610774.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3dc2a1d16af7ad443d7e934f745dd80e","sha1":"81afb63a77517281ded685fbf13accb55888eed6","sha256":"2084618e46fcffeb8876ae33ce572e8e6d7c8b3386857e0a3b17f0c0d4600aeb","sha512":"5166289574bf93c00ab0fbdf85240cab21cc376cc91776c22fbcfaae1a28e367170196cf2c2264b260a1e33df0635c65eb751844a696735c7e8b62bbe1abfb7a","ssdeep":"12288:m7Fs6wQZIflEQrEf4oYZq25hJ5C2xp2GFsA2A45tsoEk0zgPAiB2oau9j1+8HWlK:sqER5T++j3","tlshash":"a7356bd822eef7b511429549410f3b3c42191fbaf156d2919c72e98839ddff48233eaa","size":1112124,"data":"","first_seen":"2026-01-27T15:16:56.867654Z","last_seen":"2026-02-23T12:54:01.628858Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"622c4c9d5dc4b1ee29a2eb908186ec88","sha1":"491753a3f979f7d180af11e1929ffff85e30f921","sha256":"794d1c7ab27be77d366e0497e641488e50f5ae6581b4db51cc08de1e142eb47a","sha512":"2b2485006e3a36dbae0d0d8488ab63ae6085c34d5a6f72c3558c52b492294c157f67ce47c1c3b89498db9ff72f748485fedc04a881f1877f903cfa0df1c8be8e","ssdeep":"1536:PLFpwkiSucuVH8MBfaQQ979S17LMgRCSRjMbEjeb6Gt6UQ:PLbw1Sucu3Qw8gc3gk6Gt61","tlshash":"1f93618cbec6f06642636675413f900bb27a1a86745f89d0e12ed1e4bc7c98f413be6d","size":92050,"data":"","first_seen":"2023-04-06T20:58:39Z","last_seen":"2026-06-07T01:38:16.184989Z","times_seen":1466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.7/locale/en.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"05c65efd7ab47381eac414b929c80d11","sha1":"c0fbfd65eaf0a9a92dedbc93b1b1d7d8c55f8094","sha256":"d6361676df25451bfb74c691c9304ba709919cd4dd03d3c7bd5f999af7a6c597","sha512":"3ca05b333100d916cc783022dcc5b5d0210351e5ff8f184bf7e6450f63f919dc6c28e330d2f49de7a452a7cbee975a68872a3e2d3cbeb99e255e2827b59674ad","ssdeep":"","tlshash":"0a71fcff49b5406a4135dc19659f6407616180ab4e28bc397fad53a82f8cc1ca0feed5","size":3516,"data":"","first_seen":"2023-12-31T12:39:44Z","last_seen":"2026-06-05T01:07:25.344623Z","times_seen":411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.12.44/vant.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bd964aefdd330a73c62c045d6b31e66c","sha1":"f7021d4ccab3188fc2c0f7ad8c51f88cda28172e","sha256":"4e685208d134a61fdf4e8fa18b054f5ca2b522813f9bf591db4ac4b42ef16598","sha512":"b9c22baff22e7711c36f2091e37825b9e865ce1d2ec8476f697712c62c51e4604a961e8182950a67cedd060d7ebb720784fecb4f4b46f8d98164badd580dac0c","ssdeep":"3072:RuhM/vLqNdJXyzFg0xnnx7XJ2pviRq4jtSr1GM6TyrfXc556SdryZMyR7:MhM/GU6KRBx+rRSPyR","tlshash":"be44e78ab1c5b425079770b5403f110ab237298cb81a84dcba79e4e66d7ca5ca13ff7d","size":278598,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-01T10:56:00.23193Z","times_seen":232,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-182e5dc3.defb634e.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"eff859afb8a3df275b2d92e31472c68f","sha1":"fc245e439d856b97ff9c57e607ef2977fe61ed95","sha256":"1e109c80af9009e7cd9b560508daaa05a613fbf24ff62734e97e04a51db6572b","sha512":"a23f03ca3d27f47e8fd70c828f4d30f6ae5fc6d933fd825f9b6c900890cc58934c4d8ab92175f8ddd4a1686902140352553d54d4e15de811851d465f0abd0bb4","ssdeep":"96:hzOO/KhO/KPKaLmmxQKhMEOGpGjBMdvSNbB3wgsq/rIBNlujujDj7hlSPitAMLcg:hN1KhMdMGtUcw40zcj2P2VWHl3PgpliB","tlshash":"4e325509b8c7f166cc6aa021412f2535e17a7ec55422f141eb34cde0a6b9c792b2df9e","size":11914,"data":"","first_seen":"2026-01-27T15:16:56.813731Z","last_seen":"2026-04-14T15:55:46.960544Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/lib/flexible.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"2481028b2f8ae3f9f9c15d0899705aab","sha1":"175d394457b861cf64b9347d243fe3f179048faf","sha256":"5fc76e812ff59a1e0a2faecfb1db22cfa4af69efafef2f3bde03494d543acc1e","sha512":"7b48ed3af9b9330ccbff7a8a9b7dbb1eeadc4356acc22f68a821d435b8cd85e82bc453d489355ee0679cd5ef98feda4c0be8599a0568c1a20bd6d8901669e5f9","ssdeep":"","tlshash":"fb81322806e722361e2330348fbf210539728067055ace447d5ee79e6fe4a654ef6bf5","size":4071,"data":"","first_seen":"2023-03-08T08:46:29Z","last_seen":"2026-06-01T10:56:00.253522Z","times_seen":284,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"3080app.com/js/chunk-182e5dc3.defb634e.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.212Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-182e5dc3.defb634e.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-2e8a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11914,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11778), with no line terminators","md5":"eff859afb8a3df275b2d92e31472c68f","sha1":"fc245e439d856b97ff9c57e607ef2977fe61ed95","sha256":"1e109c80af9009e7cd9b560508daaa05a613fbf24ff62734e97e04a51db6572b","sha512":"a23f03ca3d27f47e8fd70c828f4d30f6ae5fc6d933fd825f9b6c900890cc58934c4d8ab92175f8ddd4a1686902140352553d54d4e15de811851d465f0abd0bb4","ssdeep":"96:hzOO/KhO/KPKaLmmxQKhMEOGpGjBMdvSNbB3wgsq/rIBNlujujDj7hlSPitAMLcg:hN1KhMdMGtUcw40zcj2P2VWHl3PgpliB","tlshash":"4e325509b8c7f166cc6aa021412f2535e17a7ec55422f141eb34cde0a6b9c792b2df9e","first_seen":"2026-01-27T15:16:56.813731Z","last_seen":"2026-04-14T15:55:46.960544Z","times_seen":25,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":101,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/517eb6b7909843d9a2172935473941d8_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/517eb6b7909843d9a2172935473941d8_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:15:27 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2366,"timings":{"blocked":2175,"dns":0,"connect":0,"send":0,"wait":178,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/3ff82efdaa984ecd952105b32830477d_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:51.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/3ff82efdaa984ecd952105b32830477d_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 70911\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:53:21 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70911,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 980 x 980, 8-bit/color RGBA, non-interlaced","md5":"c95ab0db6212f241858d269c406af4c5","sha1":"6670be1147d3033b640d5e901d81098460f1d646","sha256":"34a7fde3096275fbc3debc6963e9156f32271886d6d6f3126067d0a7407754fe","sha512":"3dd93150fde29a1b7f1bdae4d9678daa28703eac4dc11b9570f17ff733684d9a604af9b91c023badc22f69e63556de12b3da633f7ad348ac0e2373224053a0e8","ssdeep":"1536:OAWn5JwkLDgr7rIBYHssu+jJzx963qK6om7ae5YQeFyxQGAJuRVA:HWvLUr/8ufu290qK6om7aiCyjAMHA","tlshash":"6c6302534babb125cdffe03014c3ceb8996286583b162c7cd9f4e218936690d229dbc9","first_seen":"2026-01-27T15:16:56.823381Z","last_seen":"2026-02-13T01:17:51.146991Z","times_seen":16,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":181,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/api/common/translation/list?lang=es","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.015Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/common/translation/list?lang=es HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: null\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T06:05:52.434608Z","times_seen":5283,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-1b5a0ff6.73cdd133.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.356Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-1b5a0ff6.73cdd133.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-af1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2801,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2801), with no line terminators","md5":"f20fcc67b5bcdbf76d1fcaf70e39cc94","sha1":"fc9dd05191827fd72e5de36cd3a1b6e4512fcc7f","sha256":"ed307e364c733c0e394bad53e71b12208a2d289df7ea3e06c520a546740d85b3","sha512":"c0e601058a9b08c3c566f0b78676591257246a010aca294414fc3399ca847af9a76821f627962773b95f5188226b4be8917b1c3d01431f3fbf94c68632bca4c0","ssdeep":"","tlshash":"cd51842c7192f4bd4e67b1a1452f7216e13a36451035e881f760cdd0a7e5c5f523ab3a","first_seen":"2025-07-19T12:02:29.488808Z","last_seen":"2026-06-01T10:56:00.199979Z","times_seen":68,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":114,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/api/banner/4/list","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.578Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/banner/4/list HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T06:05:52.434608Z","times_seen":5283,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":73,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/55e5a7b32e55425d9284247e7ba97e4e_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/55e5a7b32e55425d9284247e7ba97e4e_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:16:28 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2551,"timings":{"blocked":2361,"dns":0,"connect":0,"send":0,"wait":179,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/6d30bafa085f45669e12df80fba83fa0_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/6d30bafa085f45669e12df80fba83fa0_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:18:00 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2755,"timings":{"blocked":2563,"dns":0,"connect":0,"send":0,"wait":181,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/b8c0eb9466284203aa50a0c7bb57e38c_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/b8c0eb9466284203aa50a0c7bb57e38c_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:24:21 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3666,"timings":{"blocked":3470,"dns":0,"connect":0,"send":0,"wait":193,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/1dbd842c559b4178b8b9fa0b701b139e_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/1dbd842c559b4178b8b9fa0b701b139e_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:22:45 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3453,"timings":{"blocked":3258,"dns":0,"connect":0,"send":0,"wait":184,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/lib/jquery-1.11.2.min.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.168Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /lib/jquery-1.11.2.min.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:45 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-1787e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96382,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6355f3cc28006e33bad2e765cde30e0d","sha1":"909cd6318d5047f3c8e83528253b256981394414","sha256":"39eed2d24faf4985b922b64d078f106edba6b3b84d5385e483a5c7bd69201da7","sha512":"b22d3868a7b311f82bb149f8afccee03c68dcd5e7152a061b8e18d97aef794b106dd1cc081d49f4d638193924ffa5885239cf67152fc339ff0cf3cd1d194d175","ssdeep":"1536:0Hg1kz+hAmcGmVFnlkFybx+amELolY+30k1dml+BQZX6YPnrCtn8JkDnlwMxVW2:0HDdc2F3c2G7mIW2","tlshash":"13930add76c2b06387a720b9506f550bf276599e280c4440f268e8fabc7ca49a137f7d","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T18:09:19.523096Z","times_seen":1824,"resource_available":true,"data":null}},"time_used":538,"timings":{"blocked":163,"dns":0,"connect":0,"send":0,"wait":195,"receive":180,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-0a888720.79a39264.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.141Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-0a888720.79a39264.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-2d60\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11616,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11540), with no line terminators","md5":"0b9e6201702e9ef11c5c3a4c3a1f64f9","sha1":"6a4748a1758daff2fd25b236cd246633e3873f7c","sha256":"6996d0a4d1e3559b00e7cbfcf627f6816a0a5a06d9e7be3c9226c3a68b95e459","sha512":"e44f5d8391c63c17a3a90119c8aedfd7a4120d0d3903b5a2b00219bfbcf65ab7339db503af7bfc071e39622dd50b34babce8fa8e3d2af596cb7975903d15e52d","ssdeep":"192:3ugiH+ttVS72rfDyFqINV2bYWqNVqV8tQhrqj44ACc51YZ0E:3uWfDQOb31atQJ4xARqZp","tlshash":"a832a88d72c7f01647a77331d01f100ae27aa998f4099185fb28d9e1b875859b32bfbd","first_seen":"2025-04-09T11:39:55.963244Z","last_seen":"2026-06-01T10:56:00.228919Z","times_seen":107,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/5c0516b739a54ea4a72b5856badac3b1_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/5c0516b739a54ea4a72b5856badac3b1_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:16:11 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2513,"timings":{"blocked":2320,"dns":0,"connect":0,"send":0,"wait":181,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d21d0c2.3f86d8ae.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.552Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d21d0c2.3f86d8ae.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-4eac\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20140,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20140), with no line terminators","md5":"98fc4f7d659f3ff5fe223a0005d30e5f","sha1":"8464c1b8138ce0a4b902c403fbbd61887b215a6f","sha256":"3b4fea3e5f45315e8243cf56781d0df5722e6133942671dc592ff479ba8213e5","sha512":"205b160455a2df2174059f4306d93b67d21c207f50caebf6006df72c501c954aaff7770273e5a68c9190e82251c6f62cdec564eaa28947bcb6143ed41b6029ff","ssdeep":"384:S3v3YBYcL1rAAdTRA7v0zwrmSHHHsglQFx+m1OPNtOVSLMyoLyUhyytGojYPFKp:9zwrmSPG8DOyZUoy2m","tlshash":"4f92e6e9f35542f6525d5cc5286f201ba4b0a4262c1a41acbfb5c0e7e8b8fd1787af70","first_seen":"2023-03-10T03:00:05Z","last_seen":"2026-06-07T01:38:16.22947Z","times_seen":1222,"resource_available":true,"data":null}},"time_used":428,"timings":{"blocked":245,"dns":0,"connect":0,"send":0,"wait":182,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/8b21f5c971de4718a4b865c6cee1d537_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/8b21f5c971de4718a4b865c6cee1d537_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:18:46 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2865,"timings":{"blocked":2673,"dns":0,"connect":0,"send":0,"wait":181,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/bcdd8c4a0ae04bb29de271180feefc88_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/bcdd8c4a0ae04bb29de271180feefc88_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:20:01 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3052,"timings":{"blocked":2861,"dns":0,"connect":0,"send":0,"wait":181,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-f438de52.b3979a8f.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:49.273Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-f438de52.b3979a8f.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-26b4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9908,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9828), with no line terminators","md5":"5f3e3b3cbd0913dbe7a4059ba0b393b5","sha1":"0b3e152c57fb42963b1c4203ef3b660bd058dc9e","sha256":"b616c4e67a7ede46fd307a729f5770f2f7d90186720efd9c939e50a4d76006e1","sha512":"66296a292165096d152a5bfb42bbc36d6639cd205737583c263017e2f4683d22384bdd3459b9d08b39107e1f0c55570025e29dc4dc2217bfb1cb8acbb0adea78","ssdeep":"192:KoTYBNJHelxkoOt96Fbq/7bTIqNLq74GM1ql44kNWOwQ:KoTc/hb0bnWqxkUO/","tlshash":"3112948db2c7f15987676221d11f101af23a5999f409c085f328d9e1b8f486aa72ff7c","first_seen":"2024-06-22T16:59:38Z","last_seen":"2026-06-01T10:56:00.256356Z","times_seen":115,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/static/tabbar/home-sel.png","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.536Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/tabbar/home-sel.png HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: image/png\r\nContent-Length: 884\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nConnection: keep-alive\r\nETag: \"696a4a2f-374\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":884,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 46, 8-bit/color RGBA, non-interlaced","md5":"d59d49d76d7ff3107fc82e2d48b06216","sha1":"2bfec006bc3a8a7c65ca34d3c3e92df5d488d1a9","sha256":"9572873a018cf0366633a07c9ec33192ad6180751c8f1c7396ae734f7ca46af4","sha512":"dab4a0283652f7b58bb2c082c5f30233b13f052e5aff041f44c10b092e68e94c4af73b0e1d31804fb9c1c77d2a7108910907bc1d0474e9072790af4a0b4bd04e","ssdeep":"","tlshash":"f611b3437b233c270ee2c1b3141510c46a63b232c1a6a5380554000ac1e70e0ebdf1ab","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.220272Z","times_seen":90,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":293,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/c884debd5b624b0abdf10b72d0803b61_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/c884debd5b624b0abdf10b72d0803b61_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:19:11 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2897,"timings":{"blocked":2704,"dns":0,"connect":0,"send":0,"wait":182,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/2ef1c10ca0e24f419314529a9dd2d862_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/2ef1c10ca0e24f419314529a9dd2d862_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:19:22 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2921,"timings":{"blocked":2731,"dns":0,"connect":0,"send":0,"wait":179,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/17/951dfce7b0cf484cb38704650c0466eb_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/17/951dfce7b0cf484cb38704650c0466eb_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 14547\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 17 Jan 2026 14:58:50 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14547,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"567f222c91a0adf2736760e9bd1ebf4e","sha1":"8f8df5a135c97c0b14c0fb5573ca00e822a19e9b","sha256":"cee5b962a078c675d90e9a0f9cefda41478d9a93e80ee69a0131e8931a531aef","sha512":"1155748926bd0d7379a8140f969caf8d6bcb508657c9a3a819501a008c8a114e745ff2f597d400147bf43147c0949f8016868d074781003c54ca66c3826f2d72","ssdeep":"384:6gJn5nsqCGCJs8P63+vOt1PAmO+INCl7SuIo:FJ6aif636FUIND4","tlshash":"c362c1ac36462c11a704fb24ce8414e3a7b314f0d2436ba39dc8dae61d715fa5c956dd","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-06-06T04:24:34.458909Z","times_seen":321,"resource_available":false,"data":null}},"time_used":1084,"timings":{"blocked":901,"dns":0,"connect":0,"send":0,"wait":182,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/axios/0.19.0-beta.1/axios.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 4213\r\ncf-ray: 9c71fb89bab64e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03d6a-3546\"\r\nlast-modified: Mon, 04 May 2020 16:06:02 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 844644\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=T128qcbzumwNWaCU8pEQoQjmr24KJd56Y6rKLjbii8JpPa3h4oSKshM%2B%2B4lKFTuCmZ86qNSzODvuq8ZEW7EBRDY0Puy%2BVRAT7gwgm6rD27y%2BgFn3GUQ%2F7%2BoDnUfx9L0mUeDWFOGG\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13638,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10313)","md5":"334149adf44476f28bfbf16c7b0382c2","sha1":"ad2ea246ebb53ed655ab50d44b33d4d6f942387d","sha256":"6d2c0a450a04b5d1492f77d7e512fe6af26e95c2feac596825f45e71b9ffa4d6","sha512":"0f9d66a68e400a2499cc1dbd79331892e9e62e278d8b4784e354b7a281c91fcc1401eedb0857ff6911d842ea853d39081b459fbdc0e30d927ee93b5ba1ecdbea","ssdeep":"384:hpI8XyWPbWeAExXqgxH7RqzGbcQdVzxbUm6HwT9eei:LbXdyGbcczx/6QT9e1","tlshash":"f25285ce7861b0a757e320f0805f4a0fb2b6552a754d84a0f660e9f66db542e8733f5c","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.11665Z","times_seen":1178,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":2,"connect":4,"send":0,"wait":11,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/0e69f801623f47c99e9b8e8981f69392_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/0e69f801623f47c99e9b8e8981f69392_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:11:57 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1978,"timings":{"blocked":1781,"dns":0,"connect":0,"send":0,"wait":179,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/4c903a59479c442ab32035d30498663a_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/4c903a59479c442ab32035d30498663a_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:20:51 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3127,"timings":{"blocked":2936,"dns":0,"connect":0,"send":0,"wait":181,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-7fa7af0e.e91d9701.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:49.159Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-7fa7af0e.e91d9701.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-d88\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3464,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3464), with no line terminators","md5":"14703ba2c4885d4136431727be3a424a","sha1":"d2cf20082b9d5e7b2c30cb3ac41e8b29530aba1e","sha256":"3aa3fce945d572a167eb8dcd64db9ce7138980e57e3e9fa9d7bfbc02fd3dd189","sha512":"b81dc1c4e01bca729b8b001122aae12bf5b562372d035d8a4e78a0bc911bc56c242d9cdcb6f6239ea82fc9f72b2e9dfcf590e20a8e8572a60f38dc036dd3020e","ssdeep":"","tlshash":"fb61a5093b5af4a9cca7c266401f1625f05c6a69b034d4c8f370dae0d5e4caa03aef1e","first_seen":"2024-06-22T16:59:38Z","last_seen":"2026-06-01T10:56:00.211035Z","times_seen":252,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":181,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-206d39cc.ca6a7c12.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.619Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-206d39cc.ca6a7c12.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-25d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":605,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (605), with no line terminators","md5":"9859ac42814ba16915f4bbde321961d0","sha1":"6981964e0e7f875688afc8f3bc15607aad67c663","sha256":"7632b8d3825c45debf2fd39b10c62cbd2405f512e63d776bedfcd530ab2a0464","sha512":"659c8ee4eccfd3b98c54a9b721e9bf465190e8fcf2cfc8ac5cfbb66748fd7cd05dcb6ebe4b7ccb36fc9664da3db545df3d55fa5980ec2ec1a8967922ebf05cca","ssdeep":"","tlshash":"bff0dd36391d0029b42ff66ec4800af4813ce143a21b4aea3a0a7362af971da30586c5","first_seen":"2025-04-09T11:39:56.05907Z","last_seen":"2026-06-01T10:56:00.225873Z","times_seen":105,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/f8301bb0d5bc41ea97e311a2d4f57cdc_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/f8301bb0d5bc41ea97e311a2d4f57cdc_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:10:35 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2518,"timings":{"blocked":2325,"dns":0,"connect":0,"send":0,"wait":183,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/9b328c7e421d47b89d5990dbd102bb9a_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/9b328c7e421d47b89d5990dbd102bb9a_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:22:33 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3420,"timings":{"blocked":3227,"dns":0,"connect":0,"send":0,"wait":182,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/1ea729f631664cba87cf916cad333570_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/1ea729f631664cba87cf916cad333570_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:21:26 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3234,"timings":{"blocked":3043,"dns":0,"connect":0,"send":0,"wait":180,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/99a50c8c533947df80a1a60dae7c9327_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/99a50c8c533947df80a1a60dae7c9327_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:14:04 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2160,"timings":{"blocked":1963,"dns":0,"connect":0,"send":0,"wait":183,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-74757738.00ab3f07.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:49.137Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-74757738.00ab3f07.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-14ab\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5291,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4975), with no line terminators","md5":"102639d3a47290757dc5ad3e5a49c7df","sha1":"98b8f6b16bddd9cdcb020c0892f30c9ffe374f21","sha256":"5b8eb0bc42f9affd0e3b34f9f47922122cf3f406d9ec27fad583bfaae5bfd87c","sha512":"38740c561378b07e338fe9b60a70404d22b7fa1380ab15cea5b587da87d84ce12c0fe9e3193e36c5092eda680f82da31bb087fa085b2b8adafce8f6fd8b8cca8","ssdeep":"96:VDu9208GaSVN7kCQfYpGjfwByP2pPhqqtPeVrWpI8Lsl0uS6sl0LDLSJRm5q:VB05aSVNWRFPHMIEuzLDLSv","tlshash":"dcb1fb98f5f7a9e81df68281b03d70195232f1249c03e1d5f77685ee49b6f10150fba2","first_seen":"2025-06-30T02:18:00.864288Z","last_seen":"2026-06-01T10:56:00.232456Z","times_seen":77,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/static/tabbar/mine.png","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.553Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/tabbar/mine.png HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: image/png\r\nContent-Length: 1848\r\nLast-Modified: Fri, 16 Jan 2026 14:24:48 GMT\r\nConnection: keep-alive\r\nETag: \"696a4a30-738\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1848,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 46, 8-bit/color RGBA, non-interlaced","md5":"feedd3f006c5e1f1faf22cf2ee250c39","sha1":"838e94489b8cac4da6b3eca3274dd25204bb70d7","sha256":"385b2888b16f8eb27611e9296b5d4ec60f4d75361603d51d6c8d54706f81331e","sha512":"c7656c033ad34733d8f8cdc3d64241c64b7a5ca3184a8a418f458b9c39967c7def37d7a34818c7aaa3f88628232f0d822ae06cf4fa891bd8a5ae48ffee94be6a","ssdeep":"","tlshash":"053109803b1ad87e32264f33e7723d9ad6341368ca10032610b12d80b1099fa06fd6ab","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.262069Z","times_seen":90,"resource_available":false,"data":null}},"time_used":460,"timings":{"blocked":283,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/2909ee5570a8437888eaf4c0d442cfbe_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/2909ee5570a8437888eaf4c0d442cfbe_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:11:14 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1864,"timings":{"blocked":1652,"dns":0,"connect":0,"send":0,"wait":184,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-13ee2c88.cfa5704c.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.201Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-13ee2c88.cfa5704c.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-5181\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20865,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (20535), with no line terminators","md5":"33c94d891c02fa7b1c1c79c7f0bb273c","sha1":"979c7ac6009966a8f7a1bf4a56f4af8b284a9156","sha256":"0b52197469cfc1a4b92594d515112f1db40f7b9edb2487e1b0e916bb739138db","sha512":"ab893d5df6acad9fe87a260ca1f846852ee413a5e9a6dea659bbb894ace369ca0cedb97719ee75371c5760209e02f987584753cfdf3cd4398ef3ed9863b80a55","ssdeep":"384:Ytz23MbmZeudvQILLLFZN1nxwL4pUxNhOo:YDmZYCJX1nxwMWnhOo","tlshash":"b192d88871c3f01606e37121902f2149f2797d89b809d55aff78d4e2b879959722bfbc","first_seen":"2025-04-21T10:41:38.078267Z","last_seen":"2026-06-01T10:56:00.197169Z","times_seen":87,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/24/49e9695edc2d450f8974d85ed5efcac7_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/24/49e9695edc2d450f8974d85ed5efcac7_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 461626\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:22:22 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":461626,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 699 x 650, 8-bit/color RGBA, non-interlaced","md5":"3dc1b58a841d5aeedf9620ca3740989c","sha1":"653d838a8f06afc4cfab2e95c5615313f51d4564","sha256":"5b8a127101b231608c3cfe20eb3cfa28bca0719ed8a451459b80e7a3c99494f4","sha512":"4418116a7ec50ca14de738ff222cc127a06a3e9a26f63d0b27c55d7b4b5e6c10a38be6bb9b5b6471aa3a34297e901402c234255ae1bb2a2d379a12d98dce9e58","ssdeep":"6144:03oGlwdpUnfMFGUUaDb6JmEHZtXvgIla/sTUi5XCAEzk6i9ULJbYebIUGq4W:9bAPUUaycuPg5/2UAXlET2UeeP","tlshash":"09a423f262118d4ceb43138589254c13e731a47f96bb771f312dea9a0e5b13b5f2889b","first_seen":"2026-01-27T15:16:56.812737Z","last_seen":"2026-04-19T23:00:56.62035Z","times_seen":17,"resource_available":false,"data":null}},"time_used":1920,"timings":{"blocked":1684,"dns":0,"connect":0,"send":0,"wait":193,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/b0c3e7a2f0224bdf85d9c4a0efa158d2_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/b0c3e7a2f0224bdf85d9c4a0efa158d2_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:09:55 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1914,"timings":{"blocked":1706,"dns":0,"connect":0,"send":0,"wait":179,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/static/tabbar/work.png","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.539Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/tabbar/work.png HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: image/png\r\nContent-Length: 1736\r\nLast-Modified: Fri, 16 Jan 2026 14:24:48 GMT\r\nConnection: keep-alive\r\nETag: \"696a4a30-6c8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1736,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 41 x 48, 8-bit/color RGBA, non-interlaced","md5":"bdbb6ff7b3a99d44d2b5d0a81bae3261","sha1":"117ad42cb03a00523864aef54bf83fe96292d401","sha256":"05c5c12d4f4cf615f695ab94b8ee03a2a62d4e560e930940d7f14e7b039bfc42","sha512":"c670cb3ad8b3b3da42d907738a701d6c2927728a00184925566bd906f1ca41e2a0acdae5573e5ceed8e158b7533c8f492c032033bfb6b90d8cd493c865b7f628","ssdeep":"","tlshash":"b731e96b29841c9c489055e943365ea88c2c2b9d3e3a7e24e1048aaf0a0d2f988ccc99","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.190819Z","times_seen":90,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":293,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/8f93181c03ae49419642e4a483191928_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/8f93181c03ae49419642e4a483191928_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:19:33 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2943,"timings":{"blocked":2751,"dns":0,"connect":0,"send":0,"wait":181,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/f03e9d55ea3c42d88050691d7babfeb8_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/f03e9d55ea3c42d88050691d7babfeb8_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:19:45 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2960,"timings":{"blocked":2767,"dns":0,"connect":0,"send":0,"wait":181,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/24/2aa660c475734e1098cf07b8d962d31c_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/24/2aa660c475734e1098cf07b8d962d31c_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 892490\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:10:54 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":892490,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 699 x 650, 8-bit/color RGBA, non-interlaced","md5":"e38d9df1f0ad8fae8088941d8fa7fdbf","sha1":"8261f3e67641c5cb77fb7d9956e1142b7cca1128","sha256":"f2de3f4136d62da3fb197809e92b8ae2570dc783d434e6894978606c00efb715","sha512":"1dece1918d87ece8b3e4eb9e35a0933a871ddd6ede969fd4603cf5d551d0b8682c21fd3b112630732bc0ac99e8b1edb57ed4b94d1d021c5b4ef82260970ba39a","ssdeep":"24576:lISSnLyegVfBGJepDyc+kO+FJumnqGZDaDnHRDaMBuG:lISmnqG4Naq5ZUxmMwG","tlshash":"ec153360c47b8abbe7869def5d1406c5919e7703abe293d5f620f0c8e8c69413c44b6b","first_seen":"2026-01-27T15:16:56.833417Z","last_seen":"2026-04-19T23:00:56.531918Z","times_seen":17,"resource_available":false,"data":null}},"time_used":2258,"timings":{"blocked":546,"dns":1,"connect":179,"send":0,"wait":358,"receive":808,"ssl":362},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/b425324d0bee4ce18dd6632df7220c61_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/b425324d0bee4ce18dd6632df7220c61_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:18:59 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2892,"timings":{"blocked":2698,"dns":0,"connect":0,"send":0,"wait":182,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/c186c15d4a3c491cae3f07e74a276441_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/c186c15d4a3c491cae3f07e74a276441_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:23:31 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3517,"timings":{"blocked":3322,"dns":0,"connect":0,"send":0,"wait":183,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/35fa4c2be23f49118af4b4518ea31450_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/35fa4c2be23f49118af4b4518ea31450_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:23:42 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3606,"timings":{"blocked":3415,"dns":0,"connect":0,"send":0,"wait":180,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/1fb08b7c99c0479f8d450028a9e7959e_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/1fb08b7c99c0479f8d450028a9e7959e_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:15:06 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2326,"timings":{"blocked":2132,"dns":0,"connect":0,"send":0,"wait":182,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/5314d660f1d0447db05152aa71810c30_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/5314d660f1d0447db05152aa71810c30_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:21:03 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3143,"timings":{"blocked":2952,"dns":0,"connect":0,"send":0,"wait":181,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d0e923e.8d2e366b.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.256Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0e923e.8d2e366b.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-e4a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3658,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3488), with no line terminators","md5":"5cd88b23fc8f2931b4b8f4d7174fbe3f","sha1":"71e4990884653e12960999e9885d034b71a403d9","sha256":"20469603c96e56a4fe21c108bbc580962e51abd5920005f3e6cc12c0a77e96d6","sha512":"c3dd8dc3202c3fccd5cbb47a83a41b4164972fa459485b44483ebaf748a1a7722a855165d9ace5a417bcf5026ccd7cd7b7b376b7c575857da45d6e8adbed082f","ssdeep":"","tlshash":"6271c79688d3ff9cec266054104f316850313a8b6916e2e8f37855f2d7aab69070f72d","first_seen":"2024-04-28T18:22:38Z","last_seen":"2026-06-01T10:56:00.259299Z","times_seen":123,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":115,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-4a224979.246b7db2.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.993Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-4a224979.246b7db2.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-c61\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3169,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3083), with no line terminators","md5":"b4792c42c75fef8ad3f1159ef3fdb587","sha1":"21aabf5cb8110e614dab5f8ecba0e13299d76b77","sha256":"156be5bc11c900d5ec8ce330e36aceb810a1a118a4442427ad028e6af93ad289","sha512":"e0c2ba5af9242e54f2771a0595fed02237726bedd33bf0e193c1650716017011392da1d3116c5311863e68c80767b05a59561ffb46210213b98a2c08c31a5dcf","ssdeep":"","tlshash":"0d511158a447d2aa9c9f9063e51d1731f1b57febc402d083e3b4ce805658db4372fa98","first_seen":"2024-06-11T23:26:01Z","last_seen":"2026-06-01T10:56:00.208381Z","times_seen":121,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/app.09610774.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.163Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/app.09610774.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:45 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-10f83c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1112124,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (52579), with no line terminators","md5":"235f6a89b9f0d57ed8740c1d2b474a2c","sha1":"f1aad7bbf4a169fcdd4f1632d40c0fd0bd0c6842","sha256":"894106e645165260ed5a8fe1d9162cd7f7743969172c22eb7f3d48e68cd45256","sha512":"f1dea5e2c332c1097d9091b3d070672be1c551b2b3350ea0a5147db7d2203951503d20cac085af8cad83a5b40f191c48cd94d1b3f0c6c81df07de25c2dfb2bcd","ssdeep":"12288:m7Fs6w4q25hJ5C2xp2GFsA2A45tsoEk0zgPAiB2oaH09j1LCCo5IaOh7E2bapCnW:sqpR5TSVj3","tlshash":"d745189862dad3b40ee1f5ec22062774662eced5d28de64f0a35d2c438eebf44117ca5","first_seen":"2026-02-01T14:02:22.283391Z","last_seen":"2026-02-01T14:02:22.283391Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1261,"timings":{"blocked":165,"dns":6,"connect":176,"send":0,"wait":189,"receive":725,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/1e8293357aed4e4999bbef67e640cb5e_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/1e8293357aed4e4999bbef67e640cb5e_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:14:55 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2305,"timings":{"blocked":2110,"dns":0,"connect":0,"send":0,"wait":181,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/static/icons/ic_invite.png","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.887Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/icons/ic_invite.png HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 792\r\nLast-Modified: Fri, 16 Jan 2026 14:24:48 GMT\r\nConnection: keep-alive\r\nETag: \"696a4a30-318\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":792,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"ae9609f354c86c7572342b3465fb7df2","sha1":"9e3096deb064d95711813d6a0707b723f720b3c5","sha256":"581cfd62c526498c41d7fb2fa5091b6d11a15750cb4be622ba8bb5092467b706","sha512":"4e8e1dcd1be2903a55441b06191912db27a4d3b4f2ded175b9837a8a7a46e29ee2ab3eec8b7801443e5644643d1c5e54272147c19dfa3bb963b49ca260eec5e5","ssdeep":"","tlshash":"0f017590da270660d6ee934e8b871019dc7c70998384c34889488dff782f28dddf971b","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.201929Z","times_seen":90,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":125,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-20aa535d.40bcfaf4.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.670Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-20aa535d.40bcfaf4.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-b74\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2932,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2856), with no line terminators","md5":"888b5de99e3cef6cebc5c2f13b53916d","sha1":"3621f5bed8bbee870a00f73057677428c59fdc86","sha256":"d72e761bb6039b8abff19aed95c65c5e451db014e5be6176eaafd65e210fad68","sha512":"80f6ae27245bd18aa699e6118637c70e8d71934718bc5066bf173ff66ec0651f23041c48b613bf246f0a3a903f9d503f1dea8a83e18f648e2195dec35cc45314","ssdeep":"","tlshash":"5e516658b003d1aaacaf9027e51d3630d0757bfad012d083e3b4cd805a58df9271faa4","first_seen":"2025-06-30T02:18:00.917868Z","last_seen":"2026-06-01T10:56:00.23347Z","times_seen":80,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":180,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/2b1282422e8c48caa4b5bc97d04e4702_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/2b1282422e8c48caa4b5bc97d04e4702_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:17:27 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2708,"timings":{"blocked":2513,"dns":0,"connect":0,"send":0,"wait":183,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/0470d6c4b28e472b89c5c0a52b4771f8_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/0470d6c4b28e472b89c5c0a52b4771f8_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:15:52 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2397,"timings":{"blocked":2205,"dns":0,"connect":0,"send":0,"wait":181,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/00230a118e3e43fe947a6c454d28ba80_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/00230a118e3e43fe947a6c454d28ba80_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:23:20 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3500,"timings":{"blocked":3307,"dns":0,"connect":0,"send":0,"wait":183,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/17/343153297eec4533a816a554eab3aec9_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/17/343153297eec4533a816a554eab3aec9_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 18722\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 17 Jan 2026 14:54:34 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18722,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"3959345f02bfd3d6d23caea239421486","sha1":"6b3a7d485bf821b44756370daafe7887eac3faef","sha256":"9c31875158648f5fd608decaa75ef24630d45a12a9950f301fce4ac2814c827f","sha512":"5895c63b0d04e95e847d30b72cb774f65373ebc6f2b39fa9f81e82a687a85754cfb26a666c9ce61be566f2a265738da37acc893ac5f25210ccb4274f47575e88","ssdeep":"384:6OJnQgn+7xREPkpGf5Pp3t7yqujGILm2D6aOI0/Jnu6+hyQ75cV+:bJOxREdpkqujBLm/5I0tge+","tlshash":"5d82e026fb1a2d45ebd9b24a65c2663eb4671b935360e3a0fcc8ccd44c601a2d41eed2","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-06-06T07:45:56.742548Z","times_seen":321,"resource_available":false,"data":null}},"time_used":548,"timings":{"blocked":368,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-182e5dc3.0a790812.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.444Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-182e5dc3.0a790812.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-7df\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2015,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2015), with no line terminators","md5":"c202062edef335b03ab084ea41017747","sha1":"7821722d7941b80e07140259e5dec0c59977fc5b","sha256":"631fe2ea4558d9538389bee411f3c13d75a6f16b446addab458a1ef2a9bf5e84","sha512":"b030da504cba969758eb8f4c3655bf004db3e48f556e5b389e09548329df4a23c05adae8b97eeaaafd0c35907afbde6054edaa9ec5e74dce4b8c0052b4963d70","ssdeep":"","tlshash":"7741426be49c2d289137dc92c5285dd542e4d623d20113fbd85b1b129fd354634e32ce","first_seen":"2026-01-27T15:16:56.824234Z","last_seen":"2026-04-14T15:55:47.015687Z","times_seen":25,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-20aa535d.7d892f1c.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.638Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-20aa535d.7d892f1c.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-45\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"24c94bdd51ac5c41571ed99206810c33","sha1":"080da262a6cef9cda0e3f1e9af67c230e5536d8b","sha256":"d39d41f904e10dc5c21717c0067df4f3906c163074210397fd695989d82e5536","sha512":"b09ad734773bb7423cdac225f237fc6c1da71b8a69ce98e8d8a15339901ecb527a5425d5c0f81d23f30a94bdea968b97cac08ed1a1f388b8c3f19c75622b679a","ssdeep":"","tlshash":"45a02220fa2eb83a8238fe002c00aac00080ab0200030030c2e2fcc80803a2338f0200","first_seen":"2025-06-30T02:18:00.788732Z","last_seen":"2026-06-01T10:56:00.257556Z","times_seen":80,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/api/poster/notice","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.572Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/poster/notice HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T06:05:52.434608Z","times_seen":5283,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/api/banner/5/list","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.584Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/banner/5/list HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1273,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8b24df95884c7be4c35ee295034da55d","sha1":"d771ca82bde608498a7d1dc256c5944930afaea7","sha256":"f3362014b8f8494236c5ecbc0cd9892c8a86f058c1dbf2ea24883866fea43733","sha512":"75bd98fe299fb684957d7ec9eaaa1861e2813bb02a22a96b049f22eb62bcfef5af5e51a6f037c11144d19931e5eeb11608feab96b20c397a0c6b5c4d0c420308","ssdeep":"","tlshash":"9e21292b87f4f8fc68d8808301ffa5ead468767bc08432a93591c95cc5de8b1a70506f","first_seen":"2026-01-27T15:16:56.864947Z","last_seen":"2026-04-19T23:00:56.584865Z","times_seen":17,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":87,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-23cea0af.d3716593.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.673Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-23cea0af.d3716593.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-1c41\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7233,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7135), with no line terminators","md5":"ea08089fa610ee4411a8ffadfd6c7542","sha1":"01d887cf565cdf69f134e85e2e55bd35fc39f0c1","sha256":"9f3747769697cc7cb715fb2810c3cc3bd9836dbc0a35dacdc94b35dec37b969b","sha512":"b2cc246ba3764ee52094b7ac59bde685166b10d83e1b17624154f14c194e93accc3e3ac34085b7624490238fa0e4ac71670a6a81958a44dc910af8a9542ab14b","ssdeep":"96:QiuRksz9+gPPX3WZfWLbDY6zwCpAUUb4vh6pxlHTlaoI0BsJADJ:3ufkWHcCpAChOxlHTlariJ","tlshash":"03e11f14b0d3f1aeecbe9112415d2a39e1317be6a405d087ba38cdd02795d753b2ebb8","first_seen":"2024-06-22T16:59:37Z","last_seen":"2026-06-01T10:56:00.230043Z","times_seen":115,"resource_available":false,"data":null}},"time_used":528,"timings":{"blocked":346,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/sockjs-client/1.3.0/sockjs.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 16651\r\ncf-ray: 9c71fb89698a4e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03fd5-f54d\"\r\nlast-modified: Mon, 04 May 2020 16:16:21 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 10361307\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=g1w8PxsfGBmYWpEDnVnZBMjZrs%2FBikq9M6P%2Bibdxrf6fz9AmPYusV2CkbiuwNJzLJPkMxoa5%2BOwNMmlVWf2RYOk5mVPgbzMbLnVkyJau2u14Co9hGCpUZ%2FDu7MhabAQwfEdXuaIJ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":62797,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (62696)","md5":"f0a01fa31e644ca44836356a172ba7c9","sha1":"e81438a79e8a7f34423168c70696cff2a820dbf1","sha256":"840ea076b43dbf564a909bb082dc287740a96f3c4483fcc024f7176306daecc7","sha512":"a18f9c600996f8f31c046e80334cc794efff550c2286bc822ba7bbc197d99e4ce5f032133866b18cb9743a717b76e578cdb2a9fb5f6ebe42614d08ea1ea2e47c","ssdeep":"1536:XFWQV1ZGORGWiB67hAHLY/IyYT3uu+OLFckh:XFW8tG967hAHM/IyYT/Law","tlshash":"5853e8c5f46134a213e7a2b582bf11032376953a640c85b4b798dcf98d7d98c532bf7a","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.117219Z","times_seen":1156,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-7fa7af0e.ed1730e0.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.968Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-7fa7af0e.ed1730e0.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-af2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2802,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2802), with no line terminators","md5":"65777255c3090272e9fab78125aa99a5","sha1":"3f42ce9c251872515f26fc706d523518800f17e3","sha256":"ad5ecbf7349b2352cb01a3a3c8c928a0d469951ffc4ad485aa1bf62274e71aa8","sha512":"0478ec523a4888034e8840b209bfddc614f40eb8594523d7bd3e22075bdc49229a8cd9589498a27ebf48ecdf55dd38576a0fc66d208ffac76a103f6cdbbccd99","ssdeep":"","tlshash":"1051ee376214330ce427e91847dc0bae0229c22be11327ed1f626675cbd7b5e1abd19e","first_seen":"2024-04-28T18:22:37Z","last_seen":"2026-06-01T10:56:00.199073Z","times_seen":270,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/17/81d78a8782d6419194eadd998bd4389c_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/17/81d78a8782d6419194eadd998bd4389c_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 8867\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 17 Jan 2026 14:57:32 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8867,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"e4a31cebcd48ee42064cf018c7f7ca39","sha1":"cfdfe2bc0addceae1a278b3200f26e892442a012","sha256":"4817a82e06c2b1293ba0c004e25171fad0907185d9f908071da98073c97af82e","sha512":"5f275514fa941b217090af718ddcd3f5e403d79a9202f3743bf25eb1420f6eb906b99f75f0802c9477d012c255b7896c754912b9d97179d96942413ddd5aa536","ssdeep":"192:BoBlcRpVLro+q/cXMr2nQFlFyPztChcQfxo5Z1S:NRpBro+q0MlaZGs1S","tlshash":"86029e15f0156c57a63bb6a6836958c0bc09d18e30860c64d7cebe997365ca5cc40ffc","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-06-06T04:24:34.473716Z","times_seen":324,"resource_available":false,"data":null}},"time_used":737,"timings":{"blocked":552,"dns":0,"connect":0,"send":0,"wait":184,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d22d99b.2e59ff44.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.911Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d22d99b.2e59ff44.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-f37\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3895,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3771), with no line terminators","md5":"701547107e6c26359bf15b379ac81f45","sha1":"d1d973e5688a2cc6887a70fe0fb47c07511f4af8","sha256":"f3b58341aea10d657a2f81302aa3937756bc3e61f950a464753b71ae46503957","sha512":"ec483e4c2a2d0605ab020ac15e4d9ccb007bd05e9ee7857d6d1d4e428feab6009c2cfaafaad5519f8fc63f3f823dad234bacaaa4478ea11e3f11d360f259eb70","ssdeep":"","tlshash":"1181a79ad888fc287d22d141712f31f4e11ba92ea5545bd4f7f1c6ca0ad86680a0d73e","first_seen":"2025-04-09T11:39:56.053084Z","last_seen":"2026-06-01T10:56:00.207503Z","times_seen":107,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-4b346616.a149f580.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:49.092Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-4b346616.a149f580.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-e96\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3734,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3604), with no line terminators","md5":"8872ca58192b8763c01cde655e58a24e","sha1":"21d8cce695a7962fee9275c354c4bf996848a65c","sha256":"8c7be6935e5631fb25fe6dd1b8406b0db0b4c417e94d103a3843d2d0c1b172cb","sha512":"bed9a8fd258f9482f807c54952182dd4fc94e276c397a45822bb8002c12bfe913318552dba07c68b0836796a8a17da33e0adee9fb06eff7a38cae3789454dc80","ssdeep":"","tlshash":"3071fe04e8d7d29a9c7b8502915d1a70f0362fa0c921f043e3bccaa463e5db86b0e7dd","first_seen":"2025-06-30T02:18:00.899229Z","last_seen":"2026-06-01T10:56:00.200555Z","times_seen":80,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.12.44/vant.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vant/2.12.44/vant.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 67557\r\ncf-ray: 9c71fb8969824e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"620aa8ff-107e5\"\r\nlast-modified: Mon, 14 Feb 2022 19:09:51 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 440573\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=0cJbg9kXcRMqdOh0%2BM%2FssEkxB9v2Y5%2BkQnuC8raHQovY27c3EqoHIvQqN0qg%2BzXtzCLvXQjP5GCNjK5G71FbQHB6Ur6RHTyroXM53%2FGoRNRsz%2B4VQeRsPSjThyVt%2B8WFbuErg%2FXs\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":278598,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (57307)","md5":"bd964aefdd330a73c62c045d6b31e66c","sha1":"f7021d4ccab3188fc2c0f7ad8c51f88cda28172e","sha256":"4e685208d134a61fdf4e8fa18b054f5ca2b522813f9bf591db4ac4b42ef16598","sha512":"b9c22baff22e7711c36f2091e37825b9e865ce1d2ec8476f697712c62c51e4604a961e8182950a67cedd060d7ebb720784fecb4f4b46f8d98164badd580dac0c","ssdeep":"3072:RuhM/vLqNdJXyzFg0xnnx7XJ2pviRq4jtSr1GM6TyrfXc556SdryZMyR7:MhM/GU6KRBx+rRSPyR","tlshash":"be44e78ab1c5b425079770b5403f110ab237298cb81a84dcba79e4e66d7ca5ca13ff7d","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-01T10:56:00.23193Z","times_seen":232,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-4366d870.175bca26.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.765Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-4366d870.175bca26.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-9a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"92893dd74bbde0d3b99f7961ddc49084","sha1":"a2c4ee22ad640829d660abe7a0e20974076d8312","sha256":"4e87e87645a3cade6841c4948041b6446bf2e4e228b949eb1aca5b568d4f04d0","sha512":"d7cd4cf323461034e2767502d1a37cf02de528d1a4b8bc0fb0905284a72df55b518e23080bd31783e39b330c7a273602fab58b4b5ca8ada4698620a9fe091bf7","ssdeep":"","tlshash":"fec04c76658d6b2bf16af2906e5b71e86314ba27a110611b5a514630ddc3e6160d8428","first_seen":"2024-04-28T18:22:38Z","last_seen":"2026-06-01T10:56:00.194368Z","times_seen":277,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/api/virtual/commission/list","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.580Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/virtual/commission/list HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13760,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a3a3e8796e4578c3866958b547fcd6ed","sha1":"f2a0746c4b5e050cc39d93bf3eddf21cc4b5ed98","sha256":"84a93c825fc99500b82fb6e1bff627b09da0accfeeb75ccef3e34fb2bb1092ec","sha512":"19868566a195d9460e8dc6fc1a23059ff23fffd383e2aa5af19fe49ade33d5e14988e6ca3aa00ee7787d8a07acb7ae7a6d966cddac41d991514ace9608e89b2d","ssdeep":"192:e5WEGD3MK0aO+GrvCbaWnRxqFrT4hCfiQxmQDnMbcWNjmCt32WFEWRodW2MsjSj1:eEHX7f3WbTm","tlshash":"63527d1e4369eceda45482c34bdbbddba05a713fc8809e582dd5ee8dc2424756b4f809","first_seen":"2026-02-01T14:02:22.294989Z","last_seen":"2026-02-01T14:02:22.294989Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":71,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/0d11e1fe24a4425e93c15c9c7e5561cc_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/0d11e1fe24a4425e93c15c9c7e5561cc_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:15:16 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2331,"timings":{"blocked":2135,"dns":0,"connect":0,"send":0,"wait":183,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/7dbe4916da924e25bf3f93586d893030_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/7dbe4916da924e25bf3f93586d893030_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:22:06 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3312,"timings":{"blocked":3120,"dns":0,"connect":0,"send":0,"wait":181,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-7fdaf070.0921470c.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:49.176Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-7fdaf070.0921470c.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-7bf\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1983,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1963), with no line terminators","md5":"03349f81e683a1fe231132512bb08a79","sha1":"12bcbba3a7079a3ffcd7a0dc910c1549d72d5e21","sha256":"2f77baa4e742cac2032d833ac32ebe0a3ceb321460c8913a7e2a9f72b1d5f33e","sha512":"4080f5a157d76550501adcc8b0781daa9730067d464583b6be7f0f6e908719e8f4ebe07ab0521d9267d282cc3c84f2f299982168873ebfb7a2d062229b0f784f","ssdeep":"","tlshash":"3041100db0c3f5984c7bf041912f222ae169bed0542869d0be74d0c56b61dbd232ea9f","first_seen":"2024-06-11T23:26:02Z","last_seen":"2026-06-01T10:56:00.227182Z","times_seen":119,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.7/locale/en.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.15.7/locale/en.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 988\r\ncf-ray: 9c71fb8979ce4e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"619608ef-3dc\"\r\nlast-modified: Thu, 18 Nov 2021 08:03:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 440573\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=YLzdoAvsi6z3x2Q3n8tEWbcGZHt5fau2gJD7s%2BiypmAErgToTIbqvVVI5qku%2FQXdD%2BQ8gsvxIopS6%2BnflMPSoKZs3Gd0MzDKD2y6HWdNaWF9yNCDXMJ5rnwagRbKe2lTZpBBZH3v\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3516,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"05c65efd7ab47381eac414b929c80d11","sha1":"c0fbfd65eaf0a9a92dedbc93b1b1d7d8c55f8094","sha256":"d6361676df25451bfb74c691c9304ba709919cd4dd03d3c7bd5f999af7a6c597","sha512":"3ca05b333100d916cc783022dcc5b5d0210351e5ff8f184bf7e6450f63f919dc6c28e330d2f49de7a452a7cbee975a68872a3e2d3cbeb99e255e2827b59674ad","ssdeep":"","tlshash":"0a71fcff49b5406a4135dc19659f6407616180ab4e28bc397fad53a82f8cc1ca0feed5","first_seen":"2023-12-31T12:39:44Z","last_seen":"2026-06-05T01:07:25.344623Z","times_seen":411,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":27,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/008335d7150d4f8799eb8cca59a8420d_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/008335d7150d4f8799eb8cca59a8420d_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:15:42 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2380,"timings":{"blocked":2188,"dns":0,"connect":0,"send":0,"wait":180,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/708c73339e8a41af8c258aceec6fea2e_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/708c73339e8a41af8c258aceec6fea2e_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:12:07 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1986,"timings":{"blocked":1772,"dns":0,"connect":0,"send":0,"wait":187,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/3336f0feba8344279f39be8a90c3659e_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/3336f0feba8344279f39be8a90c3659e_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:12:50 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2053,"timings":{"blocked":1850,"dns":0,"connect":0,"send":0,"wait":183,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-680ea45c.4171287e.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.961Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-680ea45c.4171287e.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-c3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":195,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"14ae3e0a5a74981b6393f7d242d8c426","sha1":"69078a1e59422308103d045e3e75cf6a1a9ebb01","sha256":"39f89b7568e1c1524ad50e77ea33015b12eb7dd5551aaaf7d85e97140ca82fe8","sha512":"b04ba20df584c0aef3249e0bc695478dd866b97b4ffa90b7d8aef3dea1dc2562d98871218da405704a56d55c2ca08712599508392a9c4caaed2adcd96124cd3f","ssdeep":"","tlshash":"32d002f13e9ef0b98637c2a580deed441ba6f626d17752814d429f2819c6201397c35c","first_seen":"2025-07-19T12:02:29.47376Z","last_seen":"2026-06-01T10:56:00.206977Z","times_seen":68,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/563d6682d266413cbe529a181a27e00d_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/563d6682d266413cbe529a181a27e00d_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:23:54 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3650,"timings":{"blocked":3448,"dns":0,"connect":0,"send":0,"wait":182,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d0b33c0.76b45f33.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.677Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0b33c0.76b45f33.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-8b3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2227,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2157), with no line terminators","md5":"4d28200dc1a96e8ea942110d0de11fb3","sha1":"329c8686545c332b8042152343ac66d849239635","sha256":"1fda28079b6bf3c9de5280daebaa102756fe7d38e6e21bccfa3f7249cca0b1dd","sha512":"8c563dc451a1a62df20936018a4b2ae1fd9d2cff06f9eb0c4c40937dbcb4a1bf632e4de6a81042b75c4e92171c9aa34fbddcab287ebfea77af37f7204e42fd7c","ssdeep":"","tlshash":"a541668db087c29e4d3e9442151e3335e13a6bcd9d2198c2e771c4856296c5b632ff6d","first_seen":"2024-04-28T18:22:38Z","last_seen":"2026-06-01T10:56:00.237367Z","times_seen":123,"resource_available":false,"data":null}},"time_used":686,"timings":{"blocked":509,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/24/fd57d3c675504b1192fd6c3c2d2660b9_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/24/fd57d3c675504b1192fd6c3c2d2660b9_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 372599\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:21:28 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":372599,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 699 x 650, 8-bit/color RGBA, non-interlaced","md5":"80ca09e19f9ff43d895983181e1b6c65","sha1":"f93a6d87f11eee9d8e704f79c1981be7146d860d","sha256":"5e5820cf209809de0951af7764c54d091eb896011a1ff6e967a1b50979148c86","sha512":"c31cfe26da057170078218c65e3981e87147daa178e8bfdeb9852a1e1b2a39515e7336b7b3230af5efaa255d3ad617112757138182b0bca445ae496cb38703d3","ssdeep":"6144:Obk6rcTmrWJsvsLaC4s2uXHfN76LAklytgxLd8++5fhE2YI1JrP/TUrnU370KwIx:qkBspBsHV76LBlyuD8++3VYI1h4rnS0Q","tlshash":"a48423fc59fd99fc8446fa2ef398781f371d5b9e99a1f9826b00a0e47c5eb484211708","first_seen":"2026-01-27T15:16:56.853205Z","last_seen":"2026-04-19T23:00:56.627216Z","times_seen":17,"resource_available":false,"data":null}},"time_used":1851,"timings":{"blocked":1465,"dns":0,"connect":0,"send":0,"wait":193,"receive":193,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.12.0/theme-chalk/index.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.12.0/theme-chalk/index.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 27462\r\ncf-ray: 9c71fb89597d4e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e43-38cf6\"\r\nlast-modified: Mon, 04 May 2020 16:09:39 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1320115\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=jMdtxMiHX%2F75JrzoELrbU5ecKIf%2Fm2aE4zlln82gdVZnP%2F5wAKnxFtYetBpHH5lkyj%2BhWKiFAKqBKtTLkK1H4IA2jQQJ6OdnLQLiL39KbBon92O3RrONhiEtjQX47hv%2B9v94WHF5\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":232694,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"b156c93b3792c208a43d643446f0d308","sha1":"1ee68ab3ff034e3553c779fe94079bbd43436f67","sha256":"913f0305e94e0c8cfea0ab62c4bbadbe86b52b5cd6893a1a3740d495a1005155","sha512":"671b1110d3c3f19b6c0ecb8e6a0771d05beefba8bfa8b3fde91e955df08c168477f23d526ca2eb355c7397dda5ef47e3f8196fef126c53d17cc4f8a236ff9c61","ssdeep":"1536:y28Y7SrW3YeWXA1u9w4HCe/l4ftg5fNME30e/8OaiZkW9YO8eQw4yG4tfNIc0yr6:Xbk0Z6fKyZL1dw","tlshash":"0a34a6219b07216b612bde6db6c0ba895f18c323d4725bbbfe55340dcbd34891263a4f","first_seen":"2023-04-06T21:01:19Z","last_seen":"2026-06-01T10:56:00.237941Z","times_seen":385,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":27,"dns":1,"connect":1,"send":0,"wait":20,"receive":3,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-19e6f436.b313c630.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.446Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-19e6f436.b313c630.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-6e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":110,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"f9d9f82e65f7eff1cb8e131e0b71a4f0","sha1":"249cd39b95839347af6d8d0dbd1d4f80bf2d6bf9","sha256":"16a28002d833971b2c0ff5252e93461a84c69cb02e95be2ac634ceb9b7bca019","sha512":"cc6a5e790589789c4ea19bcb5cdd5b29d4d2196631d56765469d4c3d9746ce99a5f7b12df2203c97466957c52d4afe781e49a33998acb9ddab735953cfa64b22","ssdeep":"","tlshash":"9db01240f80c4c2f22e3d3c82064dec536103993cdc0939d3ca8c1228d231503512ca1","first_seen":"2025-06-30T02:18:00.800899Z","last_seen":"2026-06-01T10:56:00.202567Z","times_seen":80,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-182e5dc3.0a790812.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.210Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-182e5dc3.0a790812.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-7df\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2015,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2015), with no line terminators","md5":"c202062edef335b03ab084ea41017747","sha1":"7821722d7941b80e07140259e5dec0c59977fc5b","sha256":"631fe2ea4558d9538389bee411f3c13d75a6f16b446addab458a1ef2a9bf5e84","sha512":"b030da504cba969758eb8f4c3655bf004db3e48f556e5b389e09548329df4a23c05adae8b97eeaaafd0c35907afbde6054edaa9ec5e74dce4b8c0052b4963d70","ssdeep":"","tlshash":"7741426be49c2d289137dc92c5285dd542e4d623d20113fbd85b1b129fd354634e32ce","first_seen":"2026-01-27T15:16:56.824234Z","last_seen":"2026-04-14T15:55:47.015687Z","times_seen":25,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":83,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/24/fc602f98b8814b52861bfb02c2069d07_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/24/fc602f98b8814b52861bfb02c2069d07_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 542057\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:33:11 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":542057,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 699 x 650, 8-bit/color RGBA, non-interlaced","md5":"82ed0e1333366331e4ee7d8e82982b40","sha1":"8d4ca632d55be63eda4b3327d37adfb67a5b4ef4","sha256":"64dde277e4d7ffc048c57c3097ce8af0927ab8a3af1ad757f1776f7bba67e096","sha512":"d18597316199d7ea3dbbcd324206f8cda32936b59316b0d8c594989fecbebb53a9194597b19a117de28f1d1f6c8582a6891f832edc4e8773cecef529031038db","ssdeep":"12288:TkJZABgV7HqcLeCDMUajU+tIUu51KmwEz:kgFBVjU+tIUG1KmX","tlshash":"8eb4238cf4c66cf5b7861d690309a264f387895d654bb033613e698933075cefe9e127","first_seen":"2026-01-27T15:16:56.856704Z","last_seen":"2026-04-19T23:00:56.602512Z","times_seen":17,"resource_available":false,"data":null}},"time_used":1880,"timings":{"blocked":1485,"dns":0,"connect":0,"send":0,"wait":204,"receive":191,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/d4c73864fca442b8a243d0d0e215d9f7_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/d4c73864fca442b8a243d0d0e215d9f7_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:12:41 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2032,"timings":{"blocked":1827,"dns":0,"connect":0,"send":0,"wait":183,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/e67b01d172574be5897886782797ebee_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/e67b01d172574be5897886782797ebee_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:21:38 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3270,"timings":{"blocked":3076,"dns":0,"connect":0,"send":0,"wait":183,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/api/common/dict/allMap","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.593Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /api/common/dict/allMap HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: null\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: http://3080app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10943,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6286984ed4d43dbc05b7d2ca809bb3f5","sha1":"223c83b75aa30fe5b236fd10eedd98edbcd804db","sha256":"d1ad2b81d11b6805570778a7b7e190dfdc3ec4cf955474faffa35d9d942ff4d0","sha512":"b385cf6ead0aa98bfd6b65013a1a2e1d68085c2a96320d8005ed612669cff1187c83983a54d7033218b4b5150be8e9e48c545124ed0e7bf67d21cbd2bda0fa44","ssdeep":"192:awc7RQ8VYkYN3SVxEH8AjW3K/ROMEjQH7q2VyfYo/BN2F3EjZaT7anLDQ8eGAv47:awc7R7+N3SrEH8AjoK/ROMEjQbq2VqYw","tlshash":"d632f08c6647b9f99d0ffc2492f8789e906d3f765d8dc6556e42a44930f00806a29f3f","first_seen":"2026-02-01T12:45:45.613253Z","last_seen":"2026-02-01T14:02:22.312398Z","times_seen":2,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/123a4191e3ed4e7ab425a67b9521bbdb_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/123a4191e3ed4e7ab425a67b9521bbdb_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:14:45 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2218,"timings":{"blocked":2026,"dns":0,"connect":0,"send":0,"wait":181,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/17/1ea9e213abd440638ca2b9040e7e175f_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/17/1ea9e213abd440638ca2b9040e7e175f_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 80247\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 17 Jan 2026 14:58:31 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80247,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1280 x 787, 8-bit colormap, non-interlaced","md5":"af912194c0220ac8509ef46e55f12d0e","sha1":"cd38228a5fb07c66972682299373defedb825281","sha256":"d55a75cd237e29955dcaefcb734cfb17a07a9e1046e8b049458070d726b5a076","sha512":"667efd70bc771754effc1fb9c6db95bca5352e9ab3c81cfbc9d38f101ea335592a5da98f78cc08f787dbd8e49789c7b25dcf1edbb0f529e05c26cb7638aef1ac","ssdeep":"1536:6O6hpb3eZ5fb8UEfnCYVtm0ipqX/mye7BmiYCHcSAlk5ak8SvycLwL3DlTF:spb34D5wDMqX/k8ilHdAlkuSvt0r","tlshash":"5773029327b43804d55abbb97a0b481098173b7307c189dff2671ed6ea6346ff4e0289","first_seen":"2023-06-13T01:19:11Z","last_seen":"2026-06-04T10:55:59.650675Z","times_seen":286,"resource_available":false,"data":null}},"time_used":924,"timings":{"blocked":734,"dns":0,"connect":0,"send":0,"wait":181,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-1cbbb860.a57f141e.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.376Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-1cbbb860.a57f141e.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-166d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5741,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5419), with no line terminators","md5":"3a4c54ccf2f91c0f82848d2ddbec8961","sha1":"776d35e67a25b6d53cedd8c99228a7b53e693b5f","sha256":"ca99699952ee76b8244a575fd4397fe1bf2ca9424df1afb18ba6f461b5a29534","sha512":"637319aaaa6a3cba86ca7a50f5fe20f3af09cc695ee18db3ca039c22c65302fc8c883ddf35f4f007fb0dce7d26605f7e357ac22c1f5b48e0101fbddade9c055e","ssdeep":"96:uwh6S/u208GaSVN77UCQfYpxjfwByP2pAhqqtAeVf22I8rsl0uS0C0LDCS0zVr:u205aSVNKaFWyXIyu/LDCS4","tlshash":"5dc1e858f5e7a9ec1cb78281b03d7025a232f2249803e1c6e775c9de5ea7f14150fba5","first_seen":"2025-04-09T11:39:56.022377Z","last_seen":"2026-06-01T10:56:00.219569Z","times_seen":109,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":95,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/api/poster/homeList","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.583Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /api/poster/homeList HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: http://3080app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T06:05:52.434608Z","times_seen":5283,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":69,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-0ce41c5a.4006cc4e.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.432Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-0ce41c5a.4006cc4e.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-1292\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4754,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4754), with no line terminators","md5":"f2cf758791111fd2d848603463e99178","sha1":"6efa309eee6c7aebb25f7eb378ebb367680cea9f","sha256":"be18a5cd6c8dd5547446a18363472d5ee56a0d2008b3d187fda6f866ed32facc","sha512":"33df9c558a43f266d0231279d5d2c940a857326b2e9e6de968d1b17983e6a784938bc4de991b04007f737e16b67f475a7c1fbab4e82228b22ec105c37d238cb3","ssdeep":"96:92hnM63MqkM6uoSYbc+7fb3bDb9UKUea6:yM63MqkM65bc+7fb3bDblUea6","tlshash":"eea159db78d68112d277ea5216ccd51adf336be73ba10cea71d8284dd706a80631f0a7","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.110616Z","times_seen":1107,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/f0bb84fef2e149108b3d9cf636eae5cb_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/f0bb84fef2e149108b3d9cf636eae5cb_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:22:56 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3459,"timings":{"blocked":3264,"dns":0,"connect":0,"send":0,"wait":184,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-4a224979.ae575bc3.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.826Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-4a224979.ae575bc3.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-45\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"4324c2c9e4ae5d00fe133d21e732b33d","sha1":"f5dedb85e0037227dee83b560409ec1f9af860b6","sha256":"54f30efbaa5e7f8cd31950fe9b21c5501fb79789e9b6d78f5e6ba066db61560f","sha512":"4860bd919a0b2fab508bdc2efe107868262f3afc964437fd552a48facdbbb1f43056395fc36cb7b5f719141c6b8eb67e78ec72874c484d74294f763c3d7e0bc7","ssdeep":"","tlshash":"b0a002a4fb9f957a5139fe156a551dd04180a75244930114d7e3fd545803a23faf0254","first_seen":"2024-06-04T08:05:51Z","last_seen":"2026-06-01T10:56:00.196204Z","times_seen":124,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-f8d706dc.cbc27764.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.120Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-f8d706dc.cbc27764.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-70\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":112,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"356149ed230b9481a4b0a80bb6e9a27c","sha1":"ffdb151234ec2e972db2a4f2e79aaba15ddefb5c","sha256":"a27527c60ec70a58cb61e9aeaf0d134c94dd7e658d469bc2daaf965d466acf7c","sha512":"440c1034a95e5e6ed49eea04f26d84bb07075359217b31f6830c80c5f27cb4677443cfb707ec2f2ea1dbfea2aa6c3539cba6f42cdb2ac06a03dfaac69d7abc93","ssdeep":"","tlshash":"bab0920969072908141fba60a6380495c2e0c22a918a32978813572687d71da0bb4b0d","first_seen":"2024-04-28T18:22:37Z","last_seen":"2026-06-01T10:56:00.203747Z","times_seen":131,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/bba54e50adbc4b3ebd38ddd43c788665_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/bba54e50adbc4b3ebd38ddd43c788665_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:04:02 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1871,"timings":{"blocked":1681,"dns":0,"connect":0,"send":0,"wait":180,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-2d90c97c.245bb9cd.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.649Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-2d90c97c.245bb9cd.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-12ba\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4794,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4794), with no line terminators","md5":"d81af9f0fed86f2336e72d4dbd27b0eb","sha1":"f7aaa56d9a8bd8ae249c346f868bf6a66e5c4d09","sha256":"93cd6c5726c486853f54f0522bad1d31d143d5ede3f3d41dacd43b1297cb0477","sha512":"b7220674ed2cd37383d4cd6840f0f7b9bb2e0301319a7c9fe9786dc2fb91bb94a3ba5d41d998b3dfbeae59ce2af1bf3156e12f11596711bb921471d799bcde7c","ssdeep":"96:RxU1M6UMqhM6pLxmA94d2+Wlfb3bP4PUKUez5:sM6UMqhM6Z4Q+gfb3bP43Uez5","tlshash":"2aa18fdfa4f68111f1f7de6217cc9445de326fe339a10ceab1da148d870aa85271b0e6","first_seen":"2024-09-19T21:03:31.100076Z","last_seen":"2026-06-01T10:56:00.239006Z","times_seen":250,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":112,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/723c99e867be4f3f91702eb55899dd70_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/723c99e867be4f3f91702eb55899dd70_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 27986\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:41:40 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27986,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 286, 8-bit/color RGBA, non-interlaced","md5":"d674857b697a6d2c9c1742c68795afa4","sha1":"b8a9f7c2b1ddb049a2befda920f6ec3786b4ca74","sha256":"58fee5cc416217cdfa8e8d253fdedc2a43df27941a8cd586c6ad736ef87e1b64","sha512":"639bebc7cff550a3dc40dc735fbe685b974cf840ab7aa54fff220ddb457af72f867255882c79b5989cbfa40f5ccbda2df073a33e587d81e742e9e9f907ba9e7e","ssdeep":"768:DnmIqTIGV1hLsERa7pBeEBA9BfVBxNksMcFhJRuRf:zmIqUA1hyuEeBf9msMKhJ8f","tlshash":"43c2e1bf5219e278a2318ee8e72850f1e70981ed10c4936395b7f3e32b8ddac7c18585","first_seen":"2026-01-27T15:16:56.802391Z","last_seen":"2026-02-13T01:17:51.139655Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1805,"timings":{"blocked":725,"dns":187,"connect":175,"send":0,"wait":353,"receive":2,"ssl":359},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/24/d3f29626352c402e82ed1f2f25849f7d_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/24/d3f29626352c402e82ed1f2f25849f7d_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 494981\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:33:24 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":494981,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 699 x 650, 8-bit/color RGBA, non-interlaced","md5":"d6950bd8807b19df257ee4c631d6e5c3","sha1":"a45c5b772aa9f3fdf107cd4dd2b57dced9228266","sha256":"e7d97bfa923cdd53944683cac88d2a5d9686a01b7a5731c11b17dddd2c398f59","sha512":"f1821bcf714104805676c6d6dbb9c40c023d5b588fb3fb25baf659eaa8b2315af0efef892be96f6088fd42af45c9deccc42faa83e17b56a17c6a8a2bf33a8933","ssdeep":"12288:C/pKY8V+mFddOiApKEvmXX/6hD4/39ScyJOPpZGMw:Ln0mFddXCvmXXyQccyJO7Q","tlshash":"63b423c160ead604c64591694b21aadb7a97e2213f70f7796632f2d30dd6820f6306ff","first_seen":"2026-01-27T15:16:56.83647Z","last_seen":"2026-04-19T23:00:56.617899Z","times_seen":17,"resource_available":false,"data":null}},"time_used":1865,"timings":{"blocked":1617,"dns":0,"connect":0,"send":0,"wait":178,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/lib/flexible.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.158Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /lib/flexible.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:45 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-fe7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4071,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2481028b2f8ae3f9f9c15d0899705aab","sha1":"175d394457b861cf64b9347d243fe3f179048faf","sha256":"5fc76e812ff59a1e0a2faecfb1db22cfa4af69efafef2f3bde03494d543acc1e","sha512":"7b48ed3af9b9330ccbff7a8a9b7dbb1eeadc4356acc22f68a821d435b8cd85e82bc453d489355ee0679cd5ef98feda4c0be8599a0568c1a20bd6d8901669e5f9","ssdeep":"","tlshash":"fb81322806e722361e2330348fbf210539728067055ace447d5ee79e6fe4a654ef6bf5","first_seen":"2023-03-08T08:46:29Z","last_seen":"2026-06-01T10:56:00.253522Z","times_seen":284,"resource_available":true,"data":null}},"time_used":537,"timings":{"blocked":172,"dns":6,"connect":179,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vuex/3.1.1/vuex.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vuex/3.1.1/vuex.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 2776\r\ncf-ray: 9c71fb89bac44e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402f-2693\"\r\nlast-modified: Mon, 04 May 2020 16:17:51 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 915540\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=u2qlTR7Z28JvLLAsG5vFI8im0umcorDnGSPtNHgT9Cc6llpnAegojnyzklgY3fl45oh%2Bm1c5lzF5E%2B%2FVvftYhFeIC0bNUMImt0oYApFHUH2EMX1tLKAd6sQ6ydAGdoyaOHnWtVaH\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9875,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (9815)","md5":"c66594705de51675f08e3b83b9b9b38c","sha1":"40fa40f722043957a56324174ec6f80389391971","sha256":"e973901e74ff65888bbe2e58b95cfb957d5db316bb185a106f543d99176d1d65","sha512":"3cb0d6b77ac49d3c6c5c5740efa2fd9e3e0c79158c88a9d4f0b709f4713a38a7b72109a2b4c636377c783effc3c6457c718d8cdc2e9c7577db9691562e95375f","ssdeep":"192:90DuIfY7JtjC5ydUypH82+H8urFLR7BD4GOUo1MQl+B2GHPpB3QE7WA+MWnBP:9guIw7JtWqmhfldD4Eo64UgH3nx","tlshash":"4f1261ccf661b0764a377460623f120fe276a46d200a4468f598e4ef6cbe14d94abf3c","first_seen":"2023-03-07T12:05:56Z","last_seen":"2026-06-07T01:38:16.191432Z","times_seen":1411,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":3,"connect":11,"send":0,"wait":11,"receive":1,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/24/80d7775868e541f6bd5038fdb10c6dc3_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/24/80d7775868e541f6bd5038fdb10c6dc3_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 445787\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:21:07 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":445787,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 699 x 650, 8-bit/color RGBA, non-interlaced","md5":"0ba7f758104799f7def45fcd28be53d6","sha1":"5a7be288439946f540f3c47751f69fcfdffc21c1","sha256":"738e30c0e397513097da493bebfc44267d12a0f09859e2153b18987d6ac49797","sha512":"09a8d30eb0f143ffbf61ba65940c7f0f8f58b1f5302507fe64d26742a68407d9f48cd8c2d2731480ef0149b4e5baff1594e2a77572c4555354a3db9a65f02d81","ssdeep":"12288:5iLNvq6uDnCyfr7JHrZZdxbhy6NY/4/GSseUpC/g:ALNvqtCGP3ZJi4/LnKC4","tlshash":"66942370f3f47773c525cbab870492419ee3f98f520e78482e9595e9a1ecfac40079a6","first_seen":"2026-01-27T15:16:56.795972Z","last_seen":"2026-04-19T23:00:56.474855Z","times_seen":17,"resource_available":false,"data":null}},"time_used":1781,"timings":{"blocked":1311,"dns":0,"connect":0,"send":0,"wait":184,"receive":286,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/3489822588ea4a798dfbe884da165674_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/3489822588ea4a798dfbe884da165674_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:21:51 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3289,"timings":{"blocked":3098,"dns":0,"connect":0,"send":0,"wait":180,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.7/index.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.15.7/index.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 122414\r\ncf-ray: 9c71fb8969964e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"619608ef-1de2e\"\r\nlast-modified: Thu, 18 Nov 2021 08:03:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 800298\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=nM3UP9yNCGx818nYP6mIaUJViarXh5egPMTqbR%2BuvclutYPJwL4NDJ3V%2BPnLtqubZnJFB%2Bm1%2FO0nF45DOcp1Ha1flxsEY3eLYiLGyBFjhk5ShZLtRral3h4Q0LCIUZhlC652s4lP\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":590640,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65105), with no line terminators","md5":"dc6dfa2d326274455390160572856dce","sha1":"efd937a0eaa2f39487b612814c98c37a752c9a2a","sha256":"bc09e54472585388c0ef0b58e5818a448f03b5671df4120da425cd6cac70fb79","sha512":"d42e99eb85cefb310ba46cf4a5fd9514f6804d4fa95f312178b0b54723db60950908465b257cd7160e2a67e56b1b2855bada2e67f56c992f53fad520bb7a73f6","ssdeep":"6144:jlrTktiHOvAeyErnMb/KeG4tVhkiIAUYxRtS8islZST79eA:jNktiHOvAeyErnMb/0G1TUARQ79eA","tlshash":"e1c41a8d72c5b53147a36070103f250bb33b299ca40980dcb679d9ea6dbd909626ffbd","first_seen":"2023-03-11T09:11:20Z","last_seen":"2026-06-07T10:47:43.44918Z","times_seen":641,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/77d497491c4d480e822f1af9a2d853b2_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/77d497491c4d480e822f1af9a2d853b2_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:13:46 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2163,"timings":{"blocked":1967,"dns":0,"connect":0,"send":0,"wait":182,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/8fdb86d5148e4cecb1c0a3530c433867_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/8fdb86d5148e4cecb1c0a3530c433867_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:14:26 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2199,"timings":{"blocked":2003,"dns":0,"connect":0,"send":0,"wait":180,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-0ce41c5a.36a8d6d5.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.176Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-0ce41c5a.36a8d6d5.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-4b6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1206,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1094), with no line terminators","md5":"5e979cf4281f7ebde0d82b99cd25ba25","sha1":"1810e016d0dc79e815f84b4c21caca2e4be64352","sha256":"e265a6091249dd914b53d55a7c2a2711fd8813ddb7c38ca634dc4d02de49238a","sha512":"849df467f9db93783890c75d5e9dfb70f4742dcd0245dad279e9d4dd76ce362d4503685b25916dddaede4469f9696398a5d4f268c06b2dc0c98bd2bb9caaf58f","ssdeep":"","tlshash":"2521dd48b4d3e62dcc2f4406200f3371f0e23eae1410a8c2b2b4c99a5739ea5570f97d","first_seen":"2024-06-11T23:26:01Z","last_seen":"2026-06-01T10:56:00.189054Z","times_seen":267,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-206d39cc.fe15a964.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.393Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-206d39cc.fe15a964.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-b5da\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46554,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (46076), with no line terminators","md5":"f47d5ab2779095fd9b3d8b4cb0ffdfd7","sha1":"a2b143ff76d0144efd84fd7119dc814318920430","sha256":"74234ede5e703da2bfd18185038c4667a57d1bdb0f4db870bc204012941da76d","sha512":"788f17fed5a83f265f8bb335de29cc7717d769367b394e7d4a3d9290a1c1242b40b7fe7e018a7164a393e4f8aa390c1c6aef2277e6487900bdc3563df7a2e70b","ssdeep":"768:viPESMntK2KxE8nGIO9ntK2KxE+aGw6MntK2KxEl:v9tI7n2tIf3otIk","tlshash":"9223c94cb1c7f06e4a7b5221851f1419e23a6a99e405c145fb3cc8e1b9a8c69772ffbc","first_seen":"2025-10-18T07:29:14.095009Z","last_seen":"2026-06-01T10:56:00.215755Z","times_seen":66,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":98,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/core-js/2.6.9/core.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27060\r\ncf-ray: 9c71fb89aa8c4e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e2d-16793\"\r\nlast-modified: Mon, 04 May 2020 16:09:17 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 9357580\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=aATcz2VO9NmAhJyJvIvUbEVhNzwdDNa4w3kp6MxGB%2B2Txiv4HUO67A1B%2Bd6mjSYMHWtXc9PIBn3TtcbWYKz9eVy0shdpEOSOHN9Y061IbtCQteByTgI%2BHbFNUgAmzWu9Jvore5X2\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":92051,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32000), with LF, NEL line terminators","md5":"622c4c9d5dc4b1ee29a2eb908186ec88","sha1":"491753a3f979f7d180af11e1929ffff85e30f921","sha256":"794d1c7ab27be77d366e0497e641488e50f5ae6581b4db51cc08de1e142eb47a","sha512":"2b2485006e3a36dbae0d0d8488ab63ae6085c34d5a6f72c3558c52b492294c157f67ce47c1c3b89498db9ff72f748485fedc04a881f1877f903cfa0df1c8be8e","ssdeep":"1536:PLFpwkiSucuVH8MBfaQQ979S17LMgRCSRjMbEjeb6Gt6UQ:PLbw1Sucu3Qw8gc3gk6Gt61","tlshash":"1f93618cbec6f06642636675413f900bb27a1a86745f89d0e12ed1e4bc7c98f413be6d","first_seen":"2023-04-06T20:58:39Z","last_seen":"2026-06-07T01:38:16.184989Z","times_seen":1466,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":55,"dns":5,"connect":1,"send":0,"wait":13,"receive":2,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/24/244c3c90745a474895cc260749297b6f_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/24/244c3c90745a474895cc260749297b6f_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 644757\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:17:34 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":644757,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 699 x 650, 8-bit/color RGBA, non-interlaced","md5":"52607a5ac9a7ad4e7a8a9966668f55bd","sha1":"2188769eb01350a28c5dc4a8dfb8db73501b83c9","sha256":"6ee9c9088557216deed1f275e4c0db9d68e51461ac0c82802ebbad9d5eaf727c","sha512":"cd3b2f2643cf2ca20f59b56962f2a0c7bd8d937efc932dab4b4f7f39039cb3ef98a3e4c3019106478af53e45ecd888af8ce5f034f61703f75926f3b31e0acf2d","ssdeep":"12288:Cgu/5c58y2J6qNEb4QdOtSSwnc03A/1fU1WnzwpG1A0iqEkIjrUPTWVbWzNfF:QdHJ5NE1Qt7ob3y1YG1A0iH/UP1zNt","tlshash":"c8d42310b2e03ec0580f597d50bf4f5724f6f49687d0a1b7a272f17609ad316acacaad","first_seen":"2026-01-27T15:16:56.82159Z","last_seen":"2026-04-19T23:00:56.651656Z","times_seen":17,"resource_available":false,"data":null}},"time_used":2183,"timings":{"blocked":543,"dns":1,"connect":180,"send":0,"wait":355,"receive":741,"ssl":359},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/99c74a14367c4917b93dab3338f67ea9_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/99c74a14367c4917b93dab3338f67ea9_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:16:02 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2487,"timings":{"blocked":2297,"dns":0,"connect":0,"send":0,"wait":180,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.1/swiper-bundle.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/Swiper/8.3.1/swiper-bundle.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 34443\r\ncf-ray: 9c71fb899a5f4e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"62ceb414-868b\"\r\nlast-modified: Wed, 13 Jul 2022 12:01:24 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1397807\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=WJKqwIFvbjBPcdi93ceJWNr12AGS1dUmMeVBjSY67Z6sE0oSPn9ML%2BWQeNykO5XxVjttNTok3M4RHp9x%2Bsadmu%2BhOqI%2FxsAXnKDrYfaL1aw4PMRbElSbAhW2wDezDGoJJ6%2FzQLUJ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":143070,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65283)","md5":"38ef180eaf570243775427085e2ea834","sha1":"e0d97d1c702c90dbb22a6294b3c1e4126ba1662a","sha256":"b624e1e378abe009ef0de69a698b0a3e734af47efcdbd6816d5fcb8fc64c8bfe","sha512":"9da1101bbe0870e2d0e8afc1d4f9a121c6788b7604d855ecdb39bad37135437b216eba27f8f9982e0e38feafb1032983fd1bec919d87f25d506bb239a842e5ae","ssdeep":"3072:NJvgjudkXhYnafpoy9v8cIWyUaV4y+oGeJhyEfrNK/MxF:NJvgidkXhYnafpl9v8cIWybV4y+oGMAQ","tlshash":"c0e3f8896360b1a552e3268b93a9c611e3b51400b409c4e871bd4c9b6d7ed9813ffffe","first_seen":"2023-03-07T01:27:55Z","last_seen":"2026-06-07T07:45:16.076416Z","times_seen":465,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d0cf330.d3cb0e12.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.681Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0cf330.d3cb0e12.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-893\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2195,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2183), with no line terminators","md5":"940b7b1594fbb05b40ebad18fa7000e5","sha1":"ecd71236bc23c695c06da8ccfbc33e0eac2910e4","sha256":"ee1e38b7ad5206dea00e0f500875ae3bf88cef0f8fc8de8b9659f22ff1ae5a4d","sha512":"bb98d694a3cb128b1cd66ea613a39f919126c0287ab28e7c949dda94483c31fb96ffe7d09929e176b66ba97aa263c72d485a3833d40790492c63a413ffe508fc","ssdeep":"","tlshash":"c6411108f893d2bdcc7ea825562f1674e1709ed44504f151f63889b1a3e0c784b5ebed","first_seen":"2025-04-09T11:39:55.904569Z","last_seen":"2026-06-01T10:56:00.226407Z","times_seen":106,"resource_available":false,"data":null}},"time_used":689,"timings":{"blocked":511,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d90c97c.170827b8.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.945Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d90c97c.170827b8.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-804\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2052,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2052), with no line terminators","md5":"38ff190d07bd2005e8eeed02e73e4202","sha1":"79e52f2f3e35d773b345238b68ee2813c2854e3e","sha256":"f8a1abb5115294689f2b203f819c2357aadd5e88027c261398eae26d4eac2118","sha512":"c13ec5283526197997540236a214eee9e4ef2cf7f8c99f8d84c09f0d956a35b29f524e39092671f0827ce88c9af414728f2a968383affbe6d544cffb3a3dcab9","ssdeep":"","tlshash":"77413468b096f17d9c32840a245e3230e15e1ff45920edc1f2b8cc97d2bae9d072e69c","first_seen":"2024-09-19T21:03:31.183439Z","last_seen":"2026-06-01T10:56:00.210457Z","times_seen":109,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-1d8200c0.151d881f.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.392Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-1d8200c0.151d881f.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-bb51\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47953,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (47455), with no line terminators","md5":"636133671b750e8b58028c759390117a","sha1":"f46ef314ab5cb78e778312534dd4dfbcd5109029","sha256":"673b455052afbe5aafa1d630aefd8d6698c59797b5cf1e9e61370c69aff1ac53","sha512":"8ec3dc2fab8d1ffe32d80d8cd53dab2b9631703e6014a3a332b1d81e462f0af178a28e249b8b135ef471d8a4e43c8b6e8d9d62808ceddf0d667e866f755d702d","ssdeep":"768:uSJViW0ts2ZtK2Kx0GIg1udUZtK2mxMZYywuVZtK2Kx0S:ucGtIbIgNtsGYyhtIV","tlshash":"fc23d94cb1c3f06e4a6b5621851f1419e23a6a99f405d145fb3cc8e1b8a8c69772ffbc","first_seen":"2025-10-18T07:29:14.091517Z","last_seen":"2026-06-01T10:56:00.25875Z","times_seen":66,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":79,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/app.d0b60b6f.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.162Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/app.d0b60b6f.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:45 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-2781a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":161818,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (64370)","md5":"9c806df89d61e3e0efd1c1e9fc4500b2","sha1":"68dd2a4116cd8e54ffddbaf7ca938d07172c0543","sha256":"075ecb6cfec87e16daac1178a38a51715c60e16f1eaa2fb5462fa0f365371d7f","sha512":"992a0dd658cd74437eef21b957cb0ff4510223e1cfcacf4d7fa1ce6328ff92c4195c1b4fcfcb999e35ad82746a2630de3ec508b1687fbb6eea7f456870f85172","ssdeep":"3072:3kZYwo1OAPkuD336ya5hrCen0eTUIfS0QqX:3kZYwo1OAPkuD336ya5hrCen0eT0Y","tlshash":"60f39997bad5210cd8574e92c6cd7efcea3f491252928cd7b1433baa8b453db238501e","first_seen":"2025-06-30T02:18:00.921698Z","last_seen":"2026-06-01T10:56:00.195562Z","times_seen":78,"resource_available":false,"data":null}},"time_used":712,"timings":{"blocked":164,"dns":5,"connect":176,"send":0,"wait":189,"receive":178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-1cbbb860.e43e04be.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.448Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-1cbbb860.e43e04be.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-2fd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":765,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (765), with no line terminators","md5":"dedea350ecbc1691a0dbc8d699eafe18","sha1":"5875d960f2c96a25fa5e2a281882c9fab260f05e","sha256":"b4f4b8fac275a3e0d022c71e3f984c36e63f3abbdabc0d22b4ea662688bafc55","sha512":"abb6f62c9a3400fb24695359add398e1f219e57e466a1cf11d45f6d1764a44b6bd8481734fbb054addd438b713e2c5cad79ae38d8c8d692a52c9ecf0698f23b9","ssdeep":"","tlshash":"9301d2f530aa2814a73af62c719867912c20e333c543028a57d3d63e4fc73d515e4e87","first_seen":"2025-04-09T11:39:56.041244Z","last_seen":"2026-06-01T10:56:00.222011Z","times_seen":110,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":135,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-7fdaf070.c293b530.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.017Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-7fdaf070.c293b530.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-128\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":296,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"31409204b8266587230f69e8ebf6c469","sha1":"63184ae00e5a49abec4aa8747b7fa776146b4536","sha256":"c626f89a80a475d50efc020bb3502241a4b52fdad3e62fb5d4be32654cb6db77","sha512":"dde60faa565d1a20c70c621c70e501eaa31747b3aa4ffb72add3976d37dc9f07608e0ab0664619fe3a3c08f64712618e2e8c13bc0b3804c0209273699f675683","ssdeep":"","tlshash":"05e0726a3c8e220a28a3e06738845cc6c0a5238190104332b9b3bf296f57e2170a033b","first_seen":"2024-04-28T18:22:37Z","last_seen":"2026-06-01T10:56:00.255082Z","times_seen":128,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/static/icons/ic_recharge.png","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.884Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/icons/ic_recharge.png HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 1139\r\nLast-Modified: Fri, 16 Jan 2026 14:24:48 GMT\r\nConnection: keep-alive\r\nETag: \"696a4a30-473\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1139,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 19, 8-bit/color RGBA, non-interlaced","md5":"1c2937ad9f59c2144856c7e17b022a65","sha1":"4c6e4fc1d9be48286e643da67f8e88b8612e0744","sha256":"9e4d52b130ee6457bc78db04c15c4f771820eb2b983259fdd606298f1e3e9f75","sha512":"894ea7b05ebd0efd11d9b79739fa3416d83302618e0c014a95c65bf396ba0cde03d1690dbb1851c73b1a267d6a0c2b5e9db5b2a3de26201fc8a3f4280f30c970","ssdeep":"","tlshash":"5321c6b50eff1ae2d378b339c412a4a2eb9732677514360a3d15c00b94b254c4483279","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.262986Z","times_seen":90,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":123,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/7dc76a80f0164b13958c808d636908d6_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/7dc76a80f0164b13958c808d636908d6_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:18:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2772,"timings":{"blocked":2580,"dns":0,"connect":0,"send":0,"wait":181,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/static/tabbar/orders.png","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.551Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/tabbar/orders.png HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: image/png\r\nContent-Length: 906\r\nLast-Modified: Fri, 16 Jan 2026 14:24:48 GMT\r\nConnection: keep-alive\r\nETag: \"696a4a30-38a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":906,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 45, 8-bit/color RGBA, non-interlaced","md5":"7158cc1ea0a5361d7da036a4ae236e7b","sha1":"f8b1761e2ae0d975005dfc59e0d8be65f2444ca3","sha256":"940f1ac824ebe17c2c94051bcece498bc54564c3fcd9a0a47c77184cd96f08b4","sha512":"237c5cdfafa2b358d9cb1ceb1ae6c4aa6229a3bd345172f38d5780a8231c1c6951ee08cba7ae002c643b1fe6687f4292d4333efdbaa7b750c4a7cc60c6a835b4","ssdeep":"","tlshash":"371163ce6379e8aca68c5b3c74cc053fdd72517e60ceb108a8105368ec7a745414a2e2","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.213968Z","times_seen":90,"resource_available":false,"data":null}},"time_used":461,"timings":{"blocked":281,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.1/swiper-bundle.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/Swiper/8.3.1/swiper-bundle.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 4219\r\ncf-ray: 9c71fb8969844e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"62ceb414-107b\"\r\nlast-modified: Wed, 13 Jul 2022 12:01:24 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 8582859\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=emQ6KlVawbsth2NID45DoRBZd7Twj19NP0l0U%2BbB0%2B%2BcDwdcf1fM0JKMOZFtA4nDOgzCQQcwHUkUseqZIL9RvZ8qDHIhB0%2FRXMYxBCjWGdQHIEppHPNk3HkbuaQ0H%2FsWGG9FffJm\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19297,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (2240)","md5":"dc42cb727908d66cfc974a6f55cd237f","sha1":"18a5e51a20f48241f660c87214ca0d38c662fa63","sha256":"de3aa2bd1edb484896d8b84bb8aed72f913eb094961ee10277fd908158cbed00","sha512":"e531910a5de13e8aadaee84efa6b9b4eec921ce7dc101bf221f8961e808af300cb99fe82d54ef7394a0d094e99bf24fff2f7c27216b520d0c8a3c75a6c39908f","ssdeep":"192:XbaCmUJbiKnectoOJ4PQ6UpqWaJxYG6OdbG68FWPLF9FFDE4bRswwMclce7se6tS:XOUbecnOPjUpTlGrGATF9FFE4b2xlh","tlshash":"bb82029853b01c1326274e7a1a728774ebb854810b4bdd79e2c06d48dff99fc631f2a5","first_seen":"2023-07-11T11:12:19Z","last_seen":"2026-06-01T10:56:00.224732Z","times_seen":149,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-1d8200c0.68ff336f.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.617Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-1d8200c0.68ff336f.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-790\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1936,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1936), with no line terminators","md5":"ae6b44f25ea0633abb1972fd12e58aca","sha1":"8c320c348eb188f35693c586e2e740a4ab377188","sha256":"71d36942dd08d28d0e673d926aa9313c31dae8e60e9da4d5d0ca2e66ec20cc5b","sha512":"5f97436344e6e7ee6f9d07bd777dbe87d7cdf1e4c16ad8302a7efa8f897e2659e5da69e4cb95cd4e79a4784ee75331a3793f1f396f8647703e3b04558a1aa55e","ssdeep":"","tlshash":"c64138b67e040016bd2bd81ecba410c771ba6532d12345963973bd24eba7af032ef791","first_seen":"2025-06-30T02:18:00.903678Z","last_seen":"2026-06-01T10:56:00.193536Z","times_seen":80,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/static/tabbar/grab.png","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.548Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/tabbar/grab.png HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: image/png\r\nContent-Length: 2181\r\nLast-Modified: Fri, 16 Jan 2026 14:24:48 GMT\r\nConnection: keep-alive\r\nETag: \"696a4a30-885\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2181,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"473a27c1195489a54d77717d2745ecc8","sha1":"afff5e5e9c8252bdcb0d620510d00d6ebf1ba7f0","sha256":"564dc8a0df824a34af42659eeee924adb20dd4a21cdc71d58ce8ec21abb3a7f7","sha512":"072ccb3e27e200e3363a4fa9d86d012f0f388b906bdf6835bfb09782e27a277900fd6f785d350db60c79ab0222dda7c2d2320fab57b7b41601558ea2a26fd789","ssdeep":"","tlshash":"66413cf380630c7ead1bf45da5814a0da5256cd81e3b903c95291d7ae04b2f0b8294cd","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.184529Z","times_seen":90,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":292,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-680ea45c.bb5af193.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:49.129Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-680ea45c.bb5af193.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-ab3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2739,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2739), with no line terminators","md5":"0229ad5705203b258375deccd035a1c5","sha1":"948a1c31b40b0944de3f6fedcbe1c4589685d082","sha256":"f0fdd44dae1197cb964f9ebdc26ad8beb30f7cb52591cf6c14caf22d551a00e8","sha512":"be231cbac8962637bdf3a64be6ba50c723475b656f1bc10ce79cefa9283b49a931a5088b08beaf1f35108f467f51472121bd92e85f4829bfaac4ed78e1d2b25a","ssdeep":"","tlshash":"7f51612c7142f5bd4ea7a161452f7216e13a35451075e881f760cdd097e589f823ab3a","first_seen":"2025-07-19T12:02:29.44903Z","last_seen":"2026-06-01T10:56:00.212728Z","times_seen":68,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-e19f796e.ec38c8ad.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.018Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-e19f796e.ec38c8ad.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-94\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":148,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"da5010df73283833c99259d2eed74202","sha1":"6dcf2fd4855c6ced3c3347bb87b782f709c4b966","sha256":"3a0957b91a0b8b9a578dfc7baacd10641eb25c7e8aefb040f8328b188e9509c4","sha512":"b5e28ceca999033b239829e616eb968fbd88cbba0713236212ec94de9288c76c0ba4986b32409261bc49c74156fc654bb939b4b92ad0d1a76e2a3b2033d8a873","ssdeep":"","tlshash":"79c04c71180890bd9137c23000deb5841425f22fd3f354814c06ba2419c6340387d358","first_seen":"2025-07-19T12:02:29.432859Z","last_seen":"2026-06-01T10:56:00.22835Z","times_seen":68,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-22e427f4.1e4bd738.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.672Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-22e427f4.1e4bd738.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-71ba\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29114,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28224), with no line terminators","md5":"5ed887ea3fb8f31ac17361aacec98c0e","sha1":"baffb478f2046565527418e90ebe2cb64dbee678","sha256":"a9913f1ccd699519bf65b9dbc7ff4860236342b87be414023107c18da5c9d87c","sha512":"296afc1b819c3121024ea6a404da3f91ba2176e2aa6677269bffd2b4c24d130f4bb7552b5eefc4955d06874f694e3fbced94b8d78212a0aaf3f1feb462d23f87","ssdeep":"384:Fjz/yR8Vj16EDwF6Ey5pATBPEVxj8/pO9fToSWSJPrs+aRRDTq3P6hxsURetvSZZ:FjTKCuUpoHstvSZxiwX","tlshash":"f9d2a5ccb1c7711a1cbb3062712f758db336b54c380ad19493a8d8e598ec9d89e27f94","first_seen":"2026-01-27T15:16:56.860764Z","last_seen":"2026-04-19T23:00:56.497969Z","times_seen":20,"resource_available":false,"data":null}},"time_used":523,"timings":{"blocked":342,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-01T14:01:44.679Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:44 GMT\r\nContent-Type: text/html\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-3c39\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15417,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (11857)","md5":"e391d8de43bdc115e55532c3caa70655","sha1":"6201122b8e10dd2fce30b6aab0252e1394d02bed","sha256":"980196c32e203478cb5394dfc9d44143a6eadf71a71704cacbb335b537c53373","sha512":"802c8881d3a031a16f2c2c8ca221d56e09abdffc5d38d7ca654a5563627219f4e0ba76db511cd607a9e45b8717c1ea2bba7cc04ba2b0536b29b6508856a9205f","ssdeep":"384:d1J0CLlqU4TZh4p3Jsr4z21PLMEE4AJI7QntyztM4KaZ0W1nL:d1yWgCaRJkJI0ntyztM4KaZ0W1nL","tlshash":"eb626469d20009edf592ce8f5a75bb6994e77c773931e484f26d884bcf18fc4162608b","first_seen":"2026-01-27T15:16:56.77774Z","last_seen":"2026-02-23T12:54:01.558846Z","times_seen":19,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":178,"dns":0,"connect":179,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d0a35a2.c4556ea5.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.675Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0a35a2.c4556ea5.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-4c8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1224,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1200), with no line terminators","md5":"65107d72da04c1cbca07ce7505dd52c9","sha1":"59f0aaf3238f3930dfeb8b72766c5c326a2173fb","sha256":"e5091d66e518dd0250dd6bf49ca20d18f926dc0d872419ade3ac72edb96746f9","sha512":"668adccd98e0602575b37f5d887dbd5be393853a6acb597f79fcc6fa31fbf434703707b9c328af41da6873378d98c26c234c71e0b058677f674bec95358f5d2f","ssdeep":"","tlshash":"74213514f053e9d4fc7f9445222c7334e062bec58946a1c1b9b8c69553c4c651b1e79d","first_seen":"2024-06-11T23:26:01Z","last_seen":"2026-06-01T10:56:00.234251Z","times_seen":259,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":356,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/24/406051b4711348719ebf885443df8c31_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/24/406051b4711348719ebf885443df8c31_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 389025\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:20:59 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":389025,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 699 x 650, 8-bit/color RGBA, non-interlaced","md5":"dc628648cdc965aed294f132fa0754ec","sha1":"a59f6a41e6f6f6724c9224d16138028d2db5310b","sha256":"4df03b10efa046698ee1e896c66bcc19dbc132ed6b9d823ea3baa7b81fef27a3","sha512":"12ef1da890a9e5947135ed75fc6c215eb27618f002267d3b252ef542ba88fef90c2a45737113bf7a0ee57b660ca8733467aff9fa5ee3f3ba142ef56453898f6a","ssdeep":"6144:NnRjuYjXn5vxavmYbDQSGfwra/dHKPvCB7hgq7XuejBWhNs4Q9fu5BF7lKKbd:7xjXKPs+MKPqB7hprjMEm7","tlshash":"1784233ebf8fc2a7e5d38409667bb31515e1740582a915e26389bbe0980d447873f3bb","first_seen":"2026-01-27T15:16:56.800091Z","last_seen":"2026-04-19T23:00:56.548498Z","times_seen":17,"resource_available":false,"data":null}},"time_used":2047,"timings":{"blocked":549,"dns":0,"connect":184,"send":0,"wait":361,"receive":586,"ssl":363},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/static/icons/ic_withdraw.png","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.886Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/icons/ic_withdraw.png HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 1020\r\nLast-Modified: Fri, 16 Jan 2026 14:24:48 GMT\r\nConnection: keep-alive\r\nETag: \"696a4a30-3fc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1020,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"70d1c13f7ac751ce09b753e3d955dcd9","sha1":"c968143931b9a22e7b6eb3f6a4bde6bf35f7154c","sha256":"6162c404f5ecd341bccec293364e418717a70e7bc69088f3539932283c9b9209","sha512":"120456706abe3cdee25d06462dcbfd3ae3c3b353b80f1c4c4ba0596e34ef19e7affed608afaa51a20c76f1382a9c78a3801de2cdc155c0870d6d6a5baa820610","ssdeep":"","tlshash":"9a110ce301519d22d95712fe8e340460b5472dd4031022c8bea39fe8eb14fe501c4339","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.205227Z","times_seen":90,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":125,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d0d3e42.fb15c1a2.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.253Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0d3e42.fb15c1a2.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-33af\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13231,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12985), with no line terminators","md5":"aff25d0edeb7ddd40d4f745cd32b75ed","sha1":"01b9b56947b295dd657541bef55a72c49f0d2456","sha256":"8a71b40b8413512d6716a7ffd4e998050c1c4172f45a7bb7af4cdf55ebf30516","sha512":"340ed47937e7de84c1a76ddc814478c66da15d5c483d5f8b520fbf9ed20f7811c567cc007f3572729a2a1cccd5f79a2bc9dbfa96ed16bf0a33705ac2de5f2456","ssdeep":"192:Ajt46CnVIZ5xHo9CBlWbY4XsjXYbQ3qNLqbpPtqI44PnC4QL0b/3Ps1I:AjC68VIZ5UlbKbN1nxPC4Ay3PsO","tlshash":"1c42c6ccb1d7f42946676231901f200af23e696ab40ac145f768c8e1e8b486e537bf7d","first_seen":"2025-04-17T22:27:18.820589Z","last_seen":"2026-06-01T10:56:00.204339Z","times_seen":204,"resource_available":false,"data":null}},"time_used":696,"timings":{"blocked":519,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs//Swiper/4.5.1/js/swiper.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 28993\r\ncf-ray: 9c71fb8979ec4e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03cf2-1f6e9\"\r\nlast-modified: Mon, 04 May 2020 16:04:02 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 915616\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=0KNxq4XH%2FCBmmJEzdWpPq%2FzHAWiXoxCVGIl19hLjGtJEpO4DGSvmXr9Alo12hO2TcsqCcuS1jL%2Fv4KwLpdm1Xk65aEsWDivyCozAeISZhjS2NiBlRw2yXNkMfJZmq6K%2BXGm8iUvZ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":128745,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65269)","md5":"2ac19265b38d14235141d184bca54d9a","sha1":"c725eb5a33d093e331e25c3a5ef1272b0f1f648c","sha256":"e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e","sha512":"6476ae51cfef0724ba254cff1e5d68f2cda477840954b01b933f1c9608ed6ca5094fe006d5cef7e5a32d54b25fb4a418a3e2c3eb642bcafa0d6bebaacbeac21d","ssdeep":"1536:O/pPCitsufJthaK85kqzOAkRlojU6tU8r5MhkhGllpcXvH7WcWUKcOqylFE8BtOa:+JthJkOAkaRaaGl4fH7WcWUKcOqjtYD","tlshash":"2bc31849b35071e551e72256539ed601a3b66845b90ac0a831b2d8d7acbce8c03bfffd","first_seen":"2023-03-07T12:58:52Z","last_seen":"2026-06-07T13:47:28.132217Z","times_seen":2387,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-4acb87b4.1b8f641d.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.833Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-4acb87b4.1b8f641d.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-6e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":110,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"63a91d823ad0600516e8142070f73022","sha1":"3b0cab14963a46b974598c88d60091229973a527","sha256":"1c3f2cd35e863cff9028dc65811b7e2eed91c9780bf887d7ecb29ebc6bcf5565","sha512":"deb695cd0e1585216a1bfbb391af8b561d3019893fa06b2e833a36a002ccc0d1f1b59e6a10ba2fdacec64f38bdc3fff79224335606f53491f9ab6ff9290417ff","ssdeep":"","tlshash":"6cb01200bc0c0c0d0ee3d3482064da871410ab13c980339f3da1c9308f03170b403c89","first_seen":"2024-04-28T18:22:37Z","last_seen":"2026-06-01T10:56:00.236614Z","times_seen":265,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/626709e77aa9408dae687028b41618d2_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/626709e77aa9408dae687028b41618d2_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:21:14 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3264,"timings":{"blocked":3071,"dns":0,"connect":0,"send":0,"wait":182,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/17/c35fa18ca4114acd923d907ffa8fa800_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/17/c35fa18ca4114acd923d907ffa8fa800_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 6495\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 17 Jan 2026 14:58:04 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6495,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"f8f831ea05790e70229847bdded8073e","sha1":"10cb798a5a3b8a15f053cf23617f908982dc8651","sha256":"60f0bef1d94953c9a8d6e3ddb33b2ded547e7d5e69a90abddb580bf00ae3d697","sha512":"9ef376f939402c860a63328c057d0e4c818a9eacd6f6c272aa0800c35aa364136d40369c2eb61a76b558646f738fd0b0a507a89e76428442c9c184cf92f11805","ssdeep":"192:PSX6knOHiJNWjegyM6ka35WqlBNVsr79S9p5tYhqctjle:6XJnOHeNuezMsWqUgf7YhqctZe","tlshash":"35d17d07dc4a6d10fb2ae81679e872474ef703d4199768946daa48c6fdf033ecc298c1","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-06-04T10:55:59.697641Z","times_seen":296,"resource_available":false,"data":null}},"time_used":903,"timings":{"blocked":725,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d0d2ed4.7c3b3e40.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.247Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0d2ed4.7c3b3e40.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-4570\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17776,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17274), with no line terminators","md5":"ac18104bf12caffe1d489721a89a02bc","sha1":"da379ff27e10a2e3eabe12413e95572f0f2fc973","sha256":"86b6cb165d3f3ec46724f61f98d43cfc5dd1970a83fd229089908992c03fb5c3","sha512":"0b05cb0e5071d14b256f69a9de8b649289b4181203a43901092713b19bdddde11e7eb3db134a6e3f847b298e66cd3d0ab9334df9bf92bb8175a09316e8d8c0e7","ssdeep":"384:LoGGUwbV6mR88M4cburqT+Xo9br7+NYjMdjE2RJH1rS:LbuGT+Xoxr7+NDdRO","tlshash":"fc82b68dfacaf4270fe27325b41f208ad22b545cf809455cf328d9e679baa095117b74","first_seen":"2026-01-27T15:16:56.796919Z","last_seen":"2026-02-23T12:54:01.627436Z","times_seen":19,"resource_available":false,"data":null}},"time_used":693,"timings":{"blocked":512,"dns":0,"connect":0,"send":0,"wait":179,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6201\r\ncf-ray: 9c71fb8969864e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402b-5915\"\r\nlast-modified: Mon, 04 May 2020 16:17:47 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 12311704\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=a2oF23%2B0FdikpUvu78uLAvKvJhP9U7nK3WFrZ0eXyDoOPK4ckUTI4fWLfGXzB7PjwnZT3ffHgMtbaKk94Jw%2Ff6BJibOFwBFGbxMQIgHiSXlNybP23FB5cXAzl4%2FOWAKv28qJbS7o\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22805,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (22712)","md5":"c019be63e713ce6f2aa221c0df8fa0cb","sha1":"e5471888945144f233714d470959059c010eb667","sha256":"87e6aba4bd25be4196ad7f269a62de823242abe105df538f218d4e6e268f74ce","sha512":"6ca3ae5fb17dc20a2c27d4008454feb7cefc626bf104252354c1abd0977f73a315001d94293a7d4379ecfda6ba21d3f49a992f243a6f9249c935195527d407be","ssdeep":"384:BPdUYakDlUGQrDQxMQ4rJaT30WCxQI1cg:DUYzhUGmUMQUX3","tlshash":"cea2b7c6f56270270a9260e5183f1107a33f241d648d855df2d6e8ee2ebdd8e91a3f39","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.100935Z","times_seen":1153,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":6,"connect":7,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/2c8f4ec3643e4bde8b38d9be96feef5c_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/2c8f4ec3643e4bde8b38d9be96feef5c_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:22:18 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3327,"timings":{"blocked":3135,"dns":0,"connect":0,"send":0,"wait":181,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-1b5a0ff6.5bf61409.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.447Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-1b5a0ff6.5bf61409.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-c3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":195,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"3221fb067b1cde22f7a51f3e176d770f","sha1":"4cdf60b231ed45d5d22340945a519a1ff2d8a59c","sha256":"3262ab79ed69af173a45cf6ebe34046a3e5a5423c5a0b49fa001ceaf86324ebb","sha512":"034b963413d230db730001b883a237049a791f3a9ccf111ccdbb5f31d82c02de015f75f10e1b469e4464d788fb766c2a04d228d18e1ec7fcd90e0b4f53e1979d","ssdeep":"","tlshash":"37d002b1291de0bbe637c16501dcbc449165f626d2775a41c9c39b2819cb2033eb4398","first_seen":"2025-07-19T12:02:29.42352Z","last_seen":"2026-06-01T10:56:00.22532Z","times_seen":68,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/c9551de46c4149239bc55e7586538465_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/c9551de46c4149239bc55e7586538465_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 70911\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:53:14 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70911,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 980 x 980, 8-bit/color RGBA, non-interlaced","md5":"c95ab0db6212f241858d269c406af4c5","sha1":"6670be1147d3033b640d5e901d81098460f1d646","sha256":"34a7fde3096275fbc3debc6963e9156f32271886d6d6f3126067d0a7407754fe","sha512":"3dd93150fde29a1b7f1bdae4d9678daa28703eac4dc11b9570f17ff733684d9a604af9b91c023badc22f69e63556de12b3da633f7ad348ac0e2373224053a0e8","ssdeep":"1536:OAWn5JwkLDgr7rIBYHssu+jJzx963qK6om7ae5YQeFyxQGAJuRVA:HWvLUr/8ufu290qK6om7aiCyjAMHA","tlshash":"6c6302534babb125cdffe03014c3ceb8996286583b162c7cd9f4e218936690d229dbc9","first_seen":"2026-01-27T15:16:56.823381Z","last_seen":"2026-02-13T01:17:51.146991Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2006,"timings":{"blocked":734,"dns":192,"connect":179,"send":0,"wait":356,"receive":180,"ssl":362},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vue/2.6.10/vue.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 30769\r\ncf-ray: 9c71fb89bab74e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402c-16deb\"\r\nlast-modified: Mon, 04 May 2020 16:17:48 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1588846\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Ro4CzCle9%2BmEk%2BE3xYLsbqMmr%2BXYR5cW1t1JoFW4LFKi0O9wopzlvl%2BT4MP1IgY%2FzTLjclnpWoUkR1spb7hU%2FvjchbBegvspzjx1NtBZ7%2Bxx86icoFmZuYGKtuvPlM4oGmWwxscy\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93675,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65449)","md5":"17e942ea0854bd9dce2070bae6826937","sha1":"434cdec1669f2c6c7406297a72120936bc56ed52","sha256":"72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26","sha512":"3f0439fa3817c71a6b34673cd32707137b29823e93b8389e1deff24e46c427e5396a897b753ba98bfe156f01c7ce54155bbed56f418b388b22622807802e6f72","ssdeep":"1536:1UXY7qLtpHt2Pqe1mZ8I6H82RaLiMBlo2VV2B/S/g:MYeJpN2yefjMBlPV00/g","tlshash":"529308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","first_seen":"2023-03-07T01:18:07Z","last_seen":"2026-06-07T08:22:31.044218Z","times_seen":4057,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":2,"connect":5,"send":0,"wait":16,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vue-router/3.0.7/vue-router.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 7869\r\ncf-ray: 9c71fb8969884e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402b-60f6\"\r\nlast-modified: Mon, 04 May 2020 16:17:47 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 2105706\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=H53P%2F00ykHLwAfJnBImLH61oe8iMBGKrP4g%2Fi12iyDi1tvvv4%2FHS8j5t4WXkoTivep0U47gqH8KSmuogoOIhoizE0L38KmCo0z5uubnwiXx4wTWQ0fGgD2OwFl3VxZrb%2FxWG1DOj\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24822,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (24752)","md5":"32e2eb91e6ed0512057b2ad1e6d1b242","sha1":"27809df1b99a4b81b6b82ba2985cdd4b1c8bebb6","sha256":"e8707a396dd2f8d74eaaeb2f784074a24d7a71cbe15dcc70297f726b31c160d5","sha512":"0ab7b445b586dd27a0aeb72396350982783129c9ba028ba1db847c9d2acc0de9c90c3c9636e76a21553fedf81031220f3676ea64bf7336644c04da33d744563d","ssdeep":"384:UUcnX3xpR5tumD+EaKGZRpqB1UdEPQFWmexTMCJ:7E3jXtuW+qGZK1UCP5mqMk","tlshash":"01b2c7ddb581b03547e326a0412f250bf27b358db44e8498f269e4d52cba85ec42bf79","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.190705Z","times_seen":1171,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-11dc054a.b4f2d272.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.200Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-11dc054a.b4f2d272.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-5a10\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23056,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22760), with no line terminators","md5":"ed50c6d644b682e17968288255bf7440","sha1":"e9a3328cd426b48be0900355e5228c4c94452709","sha256":"47b447d821f058f7fe0b1f222b77124d1edf46c0ed804cc148ee8d7fd041f9f2","sha512":"07b44194568d52c8cc3399f6367021333636fda2c1de5e0f8f1d99576d36a9b8ad009f219c293c0cf117e256f2f5071f0aa30fd8e5c8efb1e0f904f6a6b86d8c","ssdeep":"384:GTOSwD92BtWlp+zp6iTu8xM0qP+oqA5rYGJm:GiPE18Su8xMio5Q","tlshash":"dfa2b648b1c3f16e8a7b9521811f1929e2396ac9e415d045fa3cc4d0b9a4c6d2b2fffd","first_seen":"2025-04-09T11:39:55.960728Z","last_seen":"2026-06-01T10:56:00.258085Z","times_seen":104,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/lib/flexible.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.156Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /lib/flexible.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:45 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-409\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1033,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ff3955ccaab30b6705c564ec20327213","sha1":"b6a9a1cd9cd27a7791f43758a360dad129ed2802","sha256":"1a61c02df0ce591e74ffac300f6c2e2ab3614ec95a9bb2f8d29aa6a9ae099deb","sha512":"a9fc65c1298158177afdf10a06e723b893187150ee4f73bdb16b842d140bd0881d53da1a109fa051c0eb44a419ccf27afc072515f23a632d3bf64a69c7cbcd1b","ssdeep":"","tlshash":"631175315350b490a4f78e33320d955865304352cc378a60f320f198d5e203b27a2b8d","first_seen":"2024-01-12T03:26:58Z","last_seen":"2026-06-01T10:56:00.191485Z","times_seen":271,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":174,"dns":6,"connect":178,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-23cea0af.f88be9a7.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.647Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-23cea0af.f88be9a7.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-95\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"8ff02eb123d7e9cc01a6e0a37a8e2421","sha1":"4f866a4cac5ea6d9c9b22a96aab46df2b1c76e17","sha256":"ce59cda2443069f2e9f0decfb33419d36a8a8c8066485b0dc283995ead3d5d4d","sha512":"de173bf58d2cb5837df3ad16d08ff842c87a0d05b365913da27d3b90409ef3b99b69128264d7849deaca9719c8b42f731af90a6e1d8e462c4943ac98d26651a7","ssdeep":"","tlshash":"07c02b03761a2026017f88fd217445c239dcaea3ddd1c1e058b3c4001c83a76370f12c","first_seen":"2024-04-28T18:22:38Z","last_seen":"2026-06-01T10:56:00.222673Z","times_seen":127,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-44853638.dc0dff3a.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.821Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-44853638.dc0dff3a.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-225\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":549,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (549), with no line terminators","md5":"543c20808701b85c34b0d28fd21db192","sha1":"daafd5e95b9657b6ca14c3481b43074dbeec6abd","sha256":"71c664f917edc7fa00c5aed7e33a9911bd8bb185cf72724db6fb464dd86c9927","sha512":"01768a531f71d3248377d09dae80481262a7a5d1e976d4b3c8839264eaedbab1c2d302280c2786bf3b8b45221a14092e6de16917204087913c120785dfb9a66d","ssdeep":"","tlshash":"b9f0ac36391d0025b02ff76ec45006f4813ce143a52b0ea63a0a33229a675da31996c5","first_seen":"2025-04-09T11:39:55.955972Z","last_seen":"2026-06-01T10:56:00.186142Z","times_seen":105,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.154Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:45 GMT\r\nContent-Type: text/html\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-3c39\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15417,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (11857)","md5":"e391d8de43bdc115e55532c3caa70655","sha1":"6201122b8e10dd2fce30b6aab0252e1394d02bed","sha256":"980196c32e203478cb5394dfc9d44143a6eadf71a71704cacbb335b537c53373","sha512":"802c8881d3a031a16f2c2c8ca221d56e09abdffc5d38d7ca654a5563627219f4e0ba76db511cd607a9e45b8717c1ea2bba7cc04ba2b0536b29b6508856a9205f","ssdeep":"384:d1J0CLlqU4TZh4p3Jsr4z21PLMEE4AJI7QntyztM4KaZ0W1nL:d1yWgCaRJkJI0ntyztM4KaZ0W1nL","tlshash":"eb626469d20009edf592ce8f5a75bb6994e77c773931e484f26d884bcf18fc4162608b","first_seen":"2026-01-27T15:16:56.77774Z","last_seen":"2026-02-23T12:54:01.558846Z","times_seen":19,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/static/box/bj.mp3","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.081Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/box/bj.mp3 HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 15417\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: \"696a4a2f-3c39\"\r\nContent-Range: bytes 0-15416/15417\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]}],"data":{"size":15417,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (11857)","md5":"e391d8de43bdc115e55532c3caa70655","sha1":"6201122b8e10dd2fce30b6aab0252e1394d02bed","sha256":"980196c32e203478cb5394dfc9d44143a6eadf71a71704cacbb335b537c53373","sha512":"802c8881d3a031a16f2c2c8ca221d56e09abdffc5d38d7ca654a5563627219f4e0ba76db511cd607a9e45b8717c1ea2bba7cc04ba2b0536b29b6508856a9205f","ssdeep":"384:d1J0CLlqU4TZh4p3Jsr4z21PLMEE4AJI7QntyztM4KaZ0W1nL:d1yWgCaRJkJI0ntyztM4KaZ0W1nL","tlshash":"eb626469d20009edf592ce8f5a75bb6994e77c773931e484f26d884bcf18fc4162608b","first_seen":"2026-01-27T15:16:56.77774Z","last_seen":"2026-02-23T12:54:01.558846Z","times_seen":19,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/api/banner/1/list","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.576Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/banner/1/list HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/m/index\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2277,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0d07b4664f26907afe7ec8975ce630cd","sha1":"925c29b2c3e9853519cd710fe836b587f9430dda","sha256":"b7f88bb3dbdae8e7e6d7e1d9f74c0d5fd60af4d80a5dcf115f997799eb75c7f5","sha512":"64f7c73c6d71c41e53e01a56950ac1282bc4b12560d086e9cf825499cffb9dd345003a777482dd47cc86ebca92f2d72886065689307a304d0e4de18788b39d00","ssdeep":"","tlshash":"5141ae19da61e8f8b48681c341eff48aa4ac777fc5c176543a82cc4c848cab5ab5b01f","first_seen":"2026-01-27T15:16:56.847519Z","last_seen":"2026-02-13T01:17:51.135553Z","times_seen":16,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":74,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/14d615a38b684398b07a072fbd7b18ad_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/14d615a38b684398b07a072fbd7b18ad_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:20:12 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3081,"timings":{"blocked":2887,"dns":0,"connect":0,"send":0,"wait":182,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/04da7fcc1c0843c0b093db354225b67d_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/04da7fcc1c0843c0b093db354225b67d_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:20:26 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3086,"timings":{"blocked":2892,"dns":0,"connect":0,"send":0,"wait":183,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/47343e705ced4bd6aab10bbe3bde1904_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/47343e705ced4bd6aab10bbe3bde1904_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:20:39 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3107,"timings":{"blocked":2916,"dns":0,"connect":0,"send":0,"wait":179,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3080app.com/","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-01T14:01:44.288Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T22:34:23.045387Z","times_seen":16223158,"resource_available":true,"data":null}},"time_used":373,"timings":{"blocked":0,"dns":1,"connect":179,"send":0,"wait":0,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/api/common/dict/allMap","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.402Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /api/common/dict/allMap HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: null\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: http://3080app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10943,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6286984ed4d43dbc05b7d2ca809bb3f5","sha1":"223c83b75aa30fe5b236fd10eedd98edbcd804db","sha256":"d1ad2b81d11b6805570778a7b7e190dfdc3ec4cf955474faffa35d9d942ff4d0","sha512":"b385cf6ead0aa98bfd6b65013a1a2e1d68085c2a96320d8005ed612669cff1187c83983a54d7033218b4b5150be8e9e48c545124ed0e7bf67d21cbd2bda0fa44","ssdeep":"192:awc7RQ8VYkYN3SVxEH8AjW3K/ROMEjQH7q2VyfYo/BN2F3EjZaT7anLDQ8eGAv47:awc7R7+N3SrEH8AjoK/ROMEjQbq2VqYw","tlshash":"d632f08c6647b9f99d0ffc2492f8789e906d3f765d8dc6556e42a44930f00806a29f3f","first_seen":"2026-02-01T12:45:45.613253Z","last_seen":"2026-02-01T14:02:22.312398Z","times_seen":2,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/api/country/list","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.820Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/country/list HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: null\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":707,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6c243f057609a5152fb2bbb325df1782","sha1":"5663de5daa3aa49245b99a68e7b784ec3cb4fe56","sha256":"a61817c5058f0b31fe58c482bc57d9d1702b8c35ff96839740754c9d9f314c0c","sha512":"35c19e41e94ea1467d5810550255c11f124f98f8b3449e5743c14f6735c438fc63703855b3f2d1075b7d1f4ea077a5fd13b55c40c85fc706887e3682971ea930","ssdeep":"","tlshash":"1801c09d114cecffe944a152984f6b3e393a45a2e8c63c4413ce9abd42c3de1820cd36","first_seen":"2026-01-27T15:16:56.830855Z","last_seen":"2026-02-13T01:17:51.146249Z","times_seen":16,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-f438de52.856cb3a1.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.022Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-f438de52.856cb3a1.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-9e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":158,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"5e1d6e64b7b23b2bf5b9a0995dd513b1","sha1":"a8d6d9ea89023003eaceabe2a49c41d12381b3a2","sha256":"79a9a3357587daada819296af7ff82d5518704362c3f9e0aabc927fe2cf25377","sha512":"ec6c3a70751b4e512340e86fda978d40d0d11a0a99b640513a40c32ac22afbd0c1c9ed2d91ba2c2682eb86ce7ac67f259bf334d1b4ec9ef1b14bf11d21f5abb8","ssdeep":"","tlshash":"c9c08cfd2e8c409f3e2688a608bf0a844125e29a82cd797c4aa35bfcdc2a73a1520454","first_seen":"2024-04-28T18:22:37Z","last_seen":"2026-06-01T10:56:00.205807Z","times_seen":127,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":94,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/9ac8aa6434cd4db0bec7285b84c6801b_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/9ac8aa6434cd4db0bec7285b84c6801b_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:16:50 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2584,"timings":{"blocked":2392,"dns":0,"connect":0,"send":0,"wait":181,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/886102f707a4496dad5853616ece99e5_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/886102f707a4496dad5853616ece99e5_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:17:03 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2678,"timings":{"blocked":2483,"dns":0,"connect":0,"send":0,"wait":181,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d207f61.5777890d.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.367Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d207f61.5777890d.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-a3a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2618,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2576), with no line terminators","md5":"3a114186f6be942215aecba1a5e8f0bd","sha1":"b1fe4469917a7b0a5f948801440967c7e436c29e","sha256":"9dcf1dacc6bba72317f67d47f5ce5371d3b6c121a21988d7b1531915cfb66564","sha512":"18ac6131c93227b662390b292f14c10b04ec9e03be914ae28332ca3ddc457d61a6456ec057d6cc254e0724ab5a6d661bdfb2b257abaa7133e0e2805ab6153e38","ssdeep":"","tlshash":"db51770c70d3f09d4d9a8017b22f1a64b1b63ecb2515c1a9a778c6e15a58de13317ff9","first_seen":"2024-04-28T18:22:38Z","last_seen":"2026-06-01T10:56:00.217003Z","times_seen":257,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":418,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-11dc054a.dc0dff3a.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.442Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-11dc054a.dc0dff3a.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:46 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-225\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":549,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (549), with no line terminators","md5":"543c20808701b85c34b0d28fd21db192","sha1":"daafd5e95b9657b6ca14c3481b43074dbeec6abd","sha256":"71c664f917edc7fa00c5aed7e33a9911bd8bb185cf72724db6fb464dd86c9927","sha512":"01768a531f71d3248377d09dae80481262a7a5d1e976d4b3c8839264eaedbab1c2d302280c2786bf3b8b45221a14092e6de16917204087913c120785dfb9a66d","ssdeep":"","tlshash":"b9f0ac36391d0025b02ff76ec45006f4813ce143a52b0ea63a0a33229a675da31996c5","first_seen":"2025-04-09T11:39:55.955972Z","last_seen":"2026-06-01T10:56:00.186142Z","times_seen":105,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/8e27b1477d2349be97fdde61cdfa6486_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/8e27b1477d2349be97fdde61cdfa6486_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:12:20 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1982,"timings":{"blocked":1781,"dns":0,"connect":0,"send":0,"wait":185,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/35014cf3b91f44c4b35b994f69796042_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/35014cf3b91f44c4b35b994f69796042_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:24:10 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3664,"timings":{"blocked":3455,"dns":0,"connect":0,"send":0,"wait":181,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/24/9783ca8373b343f48316cb46c7978294_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/24/9783ca8373b343f48316cb46c7978294_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 279027\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:21:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":279027,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 699 x 650, 8-bit/color RGBA, non-interlaced","md5":"7c6e1dd2ca77c5739d91dcac48697a0e","sha1":"2530d610b6df4d0345ff4f20b8ff9e45205cb1b9","sha256":"90b1ff64da6d5eeb21c13b531c562bd1061976452e4590bd86d00d8d229004fa","sha512":"381ad1d46b67f57fdf50e99a4e38a375b9121e26c4e3ddb996f86cf4ed2fbd3bd04e6ac4b79677a429ea9939967b51dc9d399f6892d4a3098c167e31251cef53","ssdeep":"6144:+yyrkN3ZPhPghHLkE9ZPVHmOaz7m8s/BsIezxcYGEiJR47Y1ctcUg:QYakErPpmOei8sZ+ziYGEu47CicUg","tlshash":"1e542383b5508d739e9b926f4f6d2f344ff1e008e247b3414d86a6c13b1b585ae47a3a","first_seen":"2026-01-27T15:16:56.857591Z","last_seen":"2026-04-19T23:00:56.649846Z","times_seen":17,"resource_available":false,"data":null}},"time_used":2029,"timings":{"blocked":1466,"dns":0,"connect":0,"send":0,"wait":190,"receive":373,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/190bf3a6acec4a75a32d752aa4f7c5e9_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/190bf3a6acec4a75a32d752aa4f7c5e9_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:16:39 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2568,"timings":{"blocked":2376,"dns":0,"connect":0,"send":0,"wait":181,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d21d44a.9e3c7a52.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.730Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d21d44a.9e3c7a52.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-550\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1360,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1332), with no line terminators","md5":"063b1dce058d78683019c57d4b6de853","sha1":"cd62098b12168ff32db1afe785da0db3a3568e38","sha256":"58023a2e105bf911f131610a55750ba7386fc39096133d727635186a98a6127c","sha512":"9523fb7f681f7abe0b168b735a1b904076e6e1cdfe3e57dc02b71fc22e1603445365362148588704b92dacf0d7670b64d862cdec5943502cf419cfcaa60ad03f","ssdeep":"","tlshash":"cd210f54f087d28dac7f8001a59e3234f0242fd84551a2c3abf8c56516d5cb90b0d75d","first_seen":"2025-04-09T11:39:56.010645Z","last_seen":"2026-06-01T10:56:00.198385Z","times_seen":110,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":79,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/js-cookie/2.2.1/js.cookie.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 1299\r\ncf-ray: 9c71fb899a3b4e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec5-f2b\"\r\nlast-modified: Mon, 04 May 2020 16:11:49 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 3752005\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=cQFzedIXzUMFiuUSUESgn2TeNVh1HJLO1eLI0%2BINCpr3oFMRMGMQ2xrqixjC6EkkW9rZOiQYFKV6%2F301pWCaQU7ldgoGDAWQBVFxHYwhfHvEy4bzXgBGCoLB5gLKsAILwQ1VmMpT\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3883,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"fa93e8894edb6245ab03883633b12b6e","sha1":"e3ba4c7d1a8876090756fd31715b4f6af6fd649e","sha256":"3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15","sha512":"263612833aa8f4ad08798184b25311604f1a3bdb6aecacb71103661159007ba0a9d7803094930b3276f47e980492bdd8c49f208508ab88ebd9c0875166278621","ssdeep":"","tlshash":"0c8124b0bb8d35ab0e0e21145b1f60cd927ce43a085949f6ec9df1321468c2e977ad6e","first_seen":"2023-03-07T12:01:36Z","last_seen":"2026-06-07T15:52:31.218978Z","times_seen":3334,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/css/chunk-4b346616.5f36c1ce.css","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:46.835Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-4b346616.5f36c1ce.css HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-137\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":311,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (311), with no line terminators","md5":"08d7468828b9d3af79f2beddd30ea454","sha1":"9d937dabc497e1d26fc72d16e44d6c38397ade66","sha256":"a5f727bac268f24c09680cef211f65c30cf1a3b5c7df78b2db92b215344f80d8","sha512":"810377a34e3b7d2e2c00123d4a43a72145cf349d9efde2914d6c7868318acc25b7a4082caae4d36b788f6104d4d709688062eaf0a57787cad6c5c62a302a87b7","ssdeep":"","tlshash":"c9e0c21a79ae20092b3fd3cbf4405fd894a06b12dc6847a3ec8247350f0f2f62b00a89","first_seen":"2025-06-30T02:18:00.922588Z","last_seen":"2026-06-01T10:56:00.183085Z","times_seen":80,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":103,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/3e92fe91aced49b29285b9b831f9b2ff_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/3e92fe91aced49b29285b9b831f9b2ff_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:11:48 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1884,"timings":{"blocked":1691,"dns":0,"connect":0,"send":0,"wait":181,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/f0eb5ce6e4c443a09b1b9681346d38ec_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/f0eb5ce6e4c443a09b1b9681346d38ec_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:51 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:23:08 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":3473,"timings":{"blocked":3282,"dns":0,"connect":0,"send":0,"wait":181,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-vendors.0959c18b.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.166Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-vendors.0959c18b.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:45 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-cb1c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51996,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (29775)","md5":"59718baba413ffce8af627b8a687fb33","sha1":"7ad82303fcd29efcdad03df36319183f8787d4c8","sha256":"95732ae511ea64b6041ef117de0b516f6523a1d657c809f3117a0c9fc42fdf0c","sha512":"9a8210c594b1ff6caec54315030f045a86dcc4d2fdc681a767730e524dac8240f6038b6ce225bce1b0415f7ebc802d7fc47102fb86069fc6baf6d037790e8dad","ssdeep":"768:WscXuLZN8ZzldBKOpNtWVw5iVJonYrQBOJJB2GfJbrCGVuZgdpGd+cH0iIWRiAVo:5cXub8Zzl7bD/YowQKL4+cHdIziAAg5l","tlshash":"4533c788f2e6f074479761a4402f600bf279ad55744e88a8f225e4d1bdb8dce847bf38","first_seen":"2024-06-11T23:26:00Z","last_seen":"2026-06-01T10:56:00.256892Z","times_seen":129,"resource_available":true,"data":null}},"time_used":697,"timings":{"blocked":160,"dns":4,"connect":175,"send":0,"wait":182,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/0510ea9f210b432fb8e85c8a8b39a194_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/0510ea9f210b432fb8e85c8a8b39a194_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:13:08 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2141,"timings":{"blocked":1949,"dns":0,"connect":0,"send":0,"wait":184,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-44853638.a268897a.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.973Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-44853638.a268897a.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-598b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22923,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22627), with no line terminators","md5":"079213fc155480bd62209dc4257cde1e","sha1":"8e5a547fe103f6f06dd800ff013f65fd6ffb6926","sha256":"6c94351db225214eedb9f5bb34717f1a1af329510f51d1c800804ca9da0ea672","sha512":"d905c6322a78faeedceed25940fa3bb7f2bad21ad53c959d75d6cef404eccbc2484ebf8f9d522fb12b124c9adde1b228284357601a2c3f8fa1ee17fc48c878b5","ssdeep":"384:8TOSwD92BtWlp+zp6iTu8xM0qP+dqA5raGJd:8iPE18Su8xMidLb","tlshash":"6ea2c748b1c3f16e8a7b9521811f1929e2396ac5e416d045fa3cc4d0b9a4c6d2b2fffd","first_seen":"2025-06-30T02:18:00.747245Z","last_seen":"2026-06-01T10:56:00.234817Z","times_seen":80,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":181,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-e19f796e.bd45e7d1.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:49.185Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-e19f796e.bd45e7d1.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-d01\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3329,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3329), with no line terminators","md5":"8816bb962321c72755013a3201eda331","sha1":"24fe5fe11c9f7672715ef5ed68c3fbaab0ee28bf","sha256":"372982eb6eaed682a071751397b7f9a9b25cbb881ded13f3e0b21e68355cc5f2","sha512":"0ea0dbbf50d0a3bb2736fd78f9f9e89eb86f69f0f344a742a645d72e76a201316d0b781dd1d527841c6afd796a23c2ef023313c41c2d793086652be415d852c2","ssdeep":"","tlshash":"a961646c71c3f4bd4eb7f161402f620ae13a36416035e841eb60c9c0aaa5c6f523af6b","first_seen":"2025-07-19T12:02:29.467043Z","last_seen":"2026-06-01T10:56:00.230752Z","times_seen":68,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-f8d706dc.d39875d5.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:49.314Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-f8d706dc.d39875d5.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-c06\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3078,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3070), with no line terminators","md5":"c0d65fb50ce143b5605c10d3e6e71b2f","sha1":"b63607f03ad005e13ba8130d6dfb3cb75a4c47eb","sha256":"b2c0c555e2214756afa19dcedd12893181ae941786d7535e3263d53f7495dab2","sha512":"9f6ac6e832e05b9b7921d9ad1b396d130ad3f66cab6beca11c0d3b2901cc79259ca37af1d6fb3e15958017b69463e8784d1cf5e9428d9adfad55ecab7927cda1","ssdeep":"","tlshash":"2851330d75c3f4689aeab161501f2239f22b6ec49006e910fe34d4d17f61e69332eaed","first_seen":"2024-06-11T23:26:02Z","last_seen":"2026-06-01T10:56:00.201167Z","times_seen":120,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/340eb081d6f84736849d37b7a34fb02e_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/340eb081d6f84736849d37b7a34fb02e_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:12:31 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2020,"timings":{"blocked":1825,"dns":0,"connect":0,"send":0,"wait":178,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/17/928f223eb5594e88b7d9afbf0322dbc4_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/17/928f223eb5594e88b7d9afbf0322dbc4_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 36342\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 17 Jan 2026 14:55:57 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"ff2583db35c4acd87cbf195af9e9b202","sha1":"accfcd83b3d9f5de5aefe233ab1add6f800486c4","sha256":"8ce9d693209b66c96c19a29f83c57bf0389d81fc8e5ce4dcea63a4cc2c821928","sha512":"a5c52846621635a06e1ba79aaac03280f0c1ac38a51430b833afe536657eee5f703c432fbd23f5a8f82a4e47bf4e4aa21449ec597c8686e19c962d8c0d3d8060","ssdeep":"768:RJfYhYn07EF8k04B5h2FBHS/6W9tvQpxzP+QwV8QSciig7ETgzbCU:HfeeqRAUFBHSiMt4zD+QwaQSz4Cd","tlshash":"b9f2f1f1d0039a1166296b56eca2dcf3253a0c95807325fe1490c56f26ed1f9f17af8e","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-06-06T04:24:34.444433Z","times_seen":329,"resource_available":false,"data":null}},"time_used":727,"timings":{"blocked":547,"dns":0,"connect":0,"send":0,"wait":178,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d0d7fe4.7ea5bea3.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.255Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0d7fe4.7ea5bea3.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-a38\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2616,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2574), with no line terminators","md5":"85e6c16abe67c57f69d2c8c7b7defc3f","sha1":"73ec895f2a50c863d8ea3ebe379b6cea63f830ac","sha256":"d4e3b729a67d406e2f89da70f5ba68c04b9bafae8ed779377aeacd854457ae9c","sha512":"3d09869add8668b7dc709514596a96fb70d857c61756aee7e31a840f591928511cb9b7488323094839f44f36c06f22448d9b09e14ea2b7a5278e4c2564606c4d","ssdeep":"","tlshash":"8051780cb0d3f08d5dda4017b26f2564a1763ec6151582aaab38c5e15a58cd1331b7e9","first_seen":"2025-06-30T02:18:00.839676Z","last_seen":"2026-06-01T10:56:00.209731Z","times_seen":80,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":293,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-4acb87b4.a96cc41b.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.996Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-4acb87b4.a96cc41b.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-134e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4942,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4916), with no line terminators","md5":"17a5e0892aeeaef5237292be71721624","sha1":"825cf59ca832baa56c55e8944f37879acea468f8","sha256":"e591ce5c01f71a639f47ea735de6402b56c44f04c2b664473a45b3ff3ff61972","sha512":"7d5eab5473d7065e336c0e4231e5a71bf66989b4d1bf0865c34031756a4e87235127ed10cf5863387c55d1b357110f179f781746e660683978d4238f1a2faf79","ssdeep":"96:PhDHbbeN0BH8e6B/oNzGxNvFMM+ay61C96Du5Htjpy3VQUbb:P5Huma9/oVwsMVy61CMSFaDbb","tlshash":"7ea1f969a3ccd1dcac1fc65bea1e2868222706dd71115145a2a9dcb0a253de88f1ffcd","first_seen":"2024-06-11T23:26:02Z","last_seen":"2026-06-01T10:56:00.223401Z","times_seen":251,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-182e5dc3.defb634e.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.299Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-182e5dc3.defb634e.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-2e8a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11914,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11778), with no line terminators","md5":"eff859afb8a3df275b2d92e31472c68f","sha1":"fc245e439d856b97ff9c57e607ef2977fe61ed95","sha256":"1e109c80af9009e7cd9b560508daaa05a613fbf24ff62734e97e04a51db6572b","sha512":"a23f03ca3d27f47e8fd70c828f4d30f6ae5fc6d933fd825f9b6c900890cc58934c4d8ab92175f8ddd4a1686902140352553d54d4e15de811851d465f0abd0bb4","ssdeep":"96:hzOO/KhO/KPKaLmmxQKhMEOGpGjBMdvSNbB3wgsq/rIBNlujujDj7hlSPitAMLcg:hN1KhMdMGtUcw40zcj2P2VWHl3PgpliB","tlshash":"4e325509b8c7f166cc6aa021412f2535e17a7ec55422f141eb34cde0a6b9c792b2df9e","first_seen":"2026-01-27T15:16:56.813731Z","last_seen":"2026-04-14T15:55:46.960544Z","times_seen":25,"resource_available":true,"data":null}},"time_used":351,"timings":{"blocked":172,"dns":0,"connect":0,"send":0,"wait":178,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/24/f63480423483495d998bc4c37df5811a_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/24/f63480423483495d998bc4c37df5811a_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 309944\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:40:56 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":309944,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 699 x 650, 8-bit/color RGBA, non-interlaced","md5":"39f15d8367649cd3f864e2c2f17a2097","sha1":"0ab3f48d0165cf4ea5f2c55d92180b149511bf65","sha256":"c1d0bdaf6457cf3ae704b7f91e8489241bd91f9c5aaf8c2cc49a6a8f99b00dde","sha512":"1b4bcf8560ea00799701fc3c3ddd2dce2c0f45aaa13272d7efcec4b8cb01b01df02f7395b0f32c1dc642caec5f0792b3d70ff18bc8d2dab8f0fc905ca5648eac","ssdeep":"6144:QbUqdgS6mR9vIy+QbjMrw/oOfN4LsFxJMELdkGnJK+9WrKV0muWEPPzIObd:QoqdgHAIhYA3sbJhdkRiVePbIObd","tlshash":"ed64233bfa0f4bc1b8a34604403c63fe9a98d62b7b4bdd5a357963d37d191662880b13","first_seen":"2026-01-27T15:16:56.82605Z","last_seen":"2026-04-19T23:00:56.658292Z","times_seen":17,"resource_available":false,"data":null}},"time_used":2027,"timings":{"blocked":550,"dns":1,"connect":181,"send":0,"wait":359,"receive":567,"ssl":364},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/6cd8d372505a4f21b51f3e940193ac3d_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/6cd8d372505a4f21b51f3e940193ac3d_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:14:35 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2210,"timings":{"blocked":2013,"dns":0,"connect":0,"send":0,"wait":184,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-4366d870.60bd4013.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.953Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-4366d870.60bd4013.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-760\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1888,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1880), with no line terminators","md5":"1bad28d40532cfb347b325b0ab26b0f9","sha1":"98dae2768f84d8b9f58f044077dc33da68b9fbc4","sha256":"f25b13e2bc2f948a5c29f39814b304947a9fce6fccb7c2100591ce928a5f1ad8","sha512":"a1f3f37a9112509150cee74a267b8e43d6c83c0a09781ae4a6fd8265c154b78fbc801bd1140efca58e5a460e956bd062a12c93e7560fec587cb8acc739ed8a9f","ssdeep":"","tlshash":"bd41234cb183f0a907eaf126701f231ed2b56a95a81194795de0d1c0bf3266d2237aaf","first_seen":"2024-06-11T23:26:01Z","last_seen":"2026-06-01T10:56:00.261517Z","times_seen":119,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.12.44/index.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:45.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vant/2.12.44/index.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 14:01:45 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 38108\r\ncf-ray: 9c71fb89697f4e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"620aa8ff-94dc\"\r\nlast-modified: Mon, 14 Feb 2022 19:09:51 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 7441637\r\nexpires: Fri, 22 Jan 2027 14:01:45 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Y80oOlqOUvS6Rx7Oz7cUjwVHWDwUcWDwWPe%2B%2F5JC%2BFAuPCxh%2FjsBv1pCwQLTWtpi08aSSrnDs14uRwI9KJxQl4OOSLc7MWHLrlBcnN40PboaGwTJIO1%2Fr%2F67sKA0s0d9y53v9Kt%2F\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":143622,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9a547188fa485f8ca9b2cc7d6d2524ef","sha1":"7893335159a1f637eb24cd05aaba96ac156c7f65","sha256":"897e513fc70a4e1759ceb06ed3c9348d036b36b724dc60d815f9f3124de6f433","sha512":"23653fb8a5c2f4cbc15cb35f215f166150516d84b8bcc143aff2d9c73056ce8e33689ef0578010cad93ea2c2e04423d3cc9ee1f5535a6bcb1e2302e5d47da263","ssdeep":"1536:KUyCltWrqoK3U0iNEBVcZH5NHMja4drYaAfP1rz1jVLSV:KTeVc5HMjajXfNf/SV","tlshash":"e3e3c52756c0236cb31bcd219bc096c5e224c123f5121bfaf1517a2dcfdbb9616a2b5b","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T18:08:50.598304Z","times_seen":2162,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-19e6f436.122c28fc.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.319Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-19e6f436.122c28fc.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-1327\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4903,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4877), with no line terminators","md5":"2e0bc0f3abefef3d980d12dd9a6107ef","sha1":"2de709a2db4ef69f18d8755645be6d72526ae01a","sha256":"42a00d5f218e022212b6487123dd5438ea64f9ee3da4323b8dd6870c03a8be1b","sha512":"3714d19b125886394875f97f6e36c7fa7a5952e080485931ad3ef459e72e493459481facbf242f4950ae19399c8a57de1ef3a3c1fb92ff1baa135a54f986f087","ssdeep":"96:WDHbbeN0BH8e6B/oNzGxNvFMM+ay61C96Du5HtjKy3VOUPb:CHuma9/oVwsMVy61CMSFvZPb","tlshash":"2ba1f969a3c8d1dcac1fc64fea1a1964222b06dd71115145a2adccb0a253dd88f1ffcd","first_seen":"2025-06-30T02:18:00.906349Z","last_seen":"2026-06-01T10:56:00.194951Z","times_seen":80,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":152,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/c4ecf3f664304e329c23a80e11fd3e97_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/c4ecf3f664304e329c23a80e11fd3e97_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:17:15 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2703,"timings":{"blocked":2509,"dns":0,"connect":0,"send":0,"wait":182,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/cfg/202601/24/7ddf9e2245c1494485c3cda0a2a7cd7c_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/cfg/202601/24/7ddf9e2245c1494485c3cda0a2a7cd7c_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:50 GMT\r\nContent-Type: image/png\r\nContent-Length: 120294\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 19:17:47 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1474 x 1600, 8-bit/color RGBA, non-interlaced","md5":"0971421d3a24f6924ab51ac31751afdb","sha1":"b7fc7002ccc2845b24c5ace99b765985e33bd2e7","sha256":"ec24830f1e702dc3b9c5363864f8ab7d9ba28decc030c9d078e1c5160fac5c4c","sha512":"fdb296ab2bb1faed8147502b8d4a5bdfd927b15253c7ac1f0242795aa42022ee0dab1b15c224ab8323fd437f2ceee563c4729fa87dd55e07b165fe2d44dd8355","ssdeep":"3072:MKtaVdMcot8JyuO205wCMu3fRpDcAa3BlrvW/jyBmW+oTIChb:MygdTcuO75E23pkrO/jyx+QIO","tlshash":"94c312c2ea63ea05fc4b02fe95b667c869461637c1715ef01eb1ccdce60798cc065ada","first_seen":"2026-01-27T15:16:56.776556Z","last_seen":"2026-02-13T01:17:51.131383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2735,"timings":{"blocked":2546,"dns":0,"connect":0,"send":0,"wait":179,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mx-worktt2026.shop/api//file/banner/202601/24/e32f4a3cc4f449e8b365b5bdbd2b7231_.png","fqdn":"mx-worktt2026.shop","domain":"mx-worktt2026.shop","tld":"shop"},"ip":{"addr":"52.128.225.171","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:47.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mx-worktt2026.shop","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 05:55:14 GMT","end":"Thu, 30 Apr 2026 05:55:13 GMT"},"fingerprint":{"sha1":"33:F3:77:B5:DB:12:DF:99:C2:31:EC:CD:76:45:A0:CC:40:53:CF:CE","sha256":"F0:CA:74:6F:04:93:EC:FD:15:3D:0E:E9:D9:E5:24:29:98:CD:EA:49:D5:E5:D1:4D:C1:A8:BE:1A:11:25:54:B3"}}},"request":{"raw":"GET /api//file/banner/202601/24/e32f4a3cc4f449e8b365b5bdbd2b7231_.png HTTP/1.1\r\nHost: mx-worktt2026.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 522725\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 24 Jan 2026 18:25:11 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":522725,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 699 x 650, 8-bit/color RGBA, non-interlaced","md5":"73ce9e27971f9cd6a508b8b27a390d51","sha1":"f66603dbb72ec36595fc84f082b621eea251a59f","sha256":"9961c05dc445e153d26eb4895ed24672ccc842cdf86ce2e5fef2aaa113fe92dd","sha512":"76d803d6e0d4e5428ee860f7e8cc9c27dd51086bf7f22047a6cb4a0e4485b1390aad315a099e714f447899ac1c3aa406f31103b2ceee6850d2493434233963dd","ssdeep":"12288:HUz3pWs5tes6i+2y2EjRhLA1hSWbP1nKokzddi:He+VJ2KhLAbdPBMi","tlshash":"2fb433216df45cd6e97f58cfb0334d6c83a383bbc6c5a1059621e9ecb0ae517860a75c","first_seen":"2026-01-27T15:16:56.780628Z","last_seen":"2026-02-13T01:17:51.239072Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2013,"timings":{"blocked":1767,"dns":0,"connect":0,"send":0,"wait":180,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"mx-worktt2026.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"3080app.com/js/chunk-2d213517.1d9c21cc.js","fqdn":"3080app.com","domain":"3080app.com","tld":"com"},"ip":{"addr":"52.128.225.171","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://3080app.com/","date":"2026-02-01T14:01:48.374Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d213517.1d9c21cc.js HTTP/1.1\r\nHost: 3080app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://3080app.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sun, 01 Feb 2026 14:01:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 16 Jan 2026 14:24:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696a4a2f-5e9f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24223,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (23849), with no line terminators","md5":"a7c08fe4876958637fb95af48340d03d","sha1":"6d8d46b389fce2058d06de9fc48855fb23bc139f","sha256":"d330977b223c5e5917914c4ebf2a603c3472927ce31e00918ba963aa9b13d1f9","sha512":"f00413356fd68992d5b47883c7db89b34a76c52e204db5441c4a4ddaf3fbeae5dc254b230fde5c6661e819b67e6502c1a9aa34a01588923bec918358a79a9f00","ssdeep":"384:NYoUhJhj5qaL0lV8/pE5TPLt+/NojvZuHoEBjptEC3:NYtPO+hoTjt+/Nojv7I5","tlshash":"79b2c98cb1c7f16a4e67a021416f1519e33d7e89e45cd044fb28d8e0a9b84596b3bf7c","first_seen":"2025-06-30T02:18:00.837564Z","last_seen":"2026-06-01T10:56:00.217659Z","times_seen":80,"resource_available":false,"data":null}},"time_used":532,"timings":{"blocked":352,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"3080app.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"3080app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}