{"report_id":"340f491a-8db7-44c8-88de-42b90af43af4","version":6,"status":"done","tags":[],"date":"2025-08-09T14:47:59Z","url":{"schema":"http","addr":"365kjump.cc/","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"34.146.136.33","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"final":{"url":{"schema":"http","addr":"365kjump.cc/","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"title":"bet365"},"submit":{"url":{"schema":"http","addr":"365kjump.cc/","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"34.146.136.33","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-13T14:47:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-09T14:47:23Z","timestamp":1754750843,"ip_dst":{"addr":"172.18.0.23","port":45064,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"severity":"low","alert":"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)","source":"{\"timestamp\":\"2025-08-09T14:47:23.947110+0000\",\"flow_id\":1169398790090547,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"34.146.136.33\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":45064,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047790,\"rev\":2,\"signature\":\"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"34.146.136.33\",\"port\":80},\"target\":{\"ip\":\"172.18.0.23\",\"port\":45064},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_28\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_06\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_10_06\"]}},\"http\":{\"hostname\":\"365kjump.cc\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":7114},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":16269,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":9,\"bytes_toserver\":1398,\"bytes_toclient\":9298,\"start\":\"2025-08-09T14:47:23.126771+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"365kjump.cc","ip":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"domain_registered":"2025-02-20","domain_rank":0,"first_seen":"2025-07-11T23:57:36.503544Z","last_seen":"2025-07-11T23:57:36.503544Z","alert_count":2,"request_count":5,"received_data":213181,"sent_data":1875,"comment":"","tags":null,"fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"3656.tstdmn.cc","ip":{"addr":"34.92.23.236","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-06-07","domain_rank":0,"first_seen":"2024-08-10T21:14:31Z","last_seen":"2025-08-05T14:48:07.279964Z","alert_count":0,"request_count":2,"received_data":67874,"sent_data":997,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-09T14:47:23Z","timestamp":1754750843,"ip_dst":{"addr":"172.18.0.23","port":45064,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"severity":"low","alert":"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)","source":"{\"timestamp\":\"2025-08-09T14:47:23.947110+0000\",\"flow_id\":1169398790090547,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"34.146.136.33\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":45064,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047790,\"rev\":2,\"signature\":\"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"34.146.136.33\",\"port\":80},\"target\":{\"ip\":\"172.18.0.23\",\"port\":45064},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_28\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_06\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_10_06\"]}},\"http\":{\"hostname\":\"365kjump.cc\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":7114},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":16269,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":9,\"bytes_toserver\":1398,\"bytes_toclient\":9298,\"start\":\"2025-08-09T14:47:23.126771+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"365kjump.cc/","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"dfdcc1f32e708eb2467102366db2a013","sha1":"abbc2fdb0f112b2211ed5c35f8d59d709b024bda","sha256":"3aa57575a7b652f29fcff6e0609583a13a0b4926e413952b9717b2da8cd833b4","sha512":"93d0041c40b043f06026be9034fbb5dca735a90ecc5a88380273cf88558a033136a01632865ccbae9cd7429631bdef7350ef8e268eb2220b8f207bcbc3894340","ssdeep":"","tlshash":"f7f0c0111def1dfd213a923e2d7e892872ab2815a060c0406d81d4146db158146402c8","size":505,"data":"","first_seen":"2025-04-04T11:44:04.751266Z","last_seen":"2026-02-08T10:47:44.790711Z","times_seen":16,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-09T14:47:23Z","timestamp":1754750843,"ip_dst":{"addr":"172.18.0.23","port":45064,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"severity":"low","alert":"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)","source":"{\"timestamp\":\"2025-08-09T14:47:23.947110+0000\",\"flow_id\":1169398790090547,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"34.146.136.33\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":45064,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047790,\"rev\":2,\"signature\":\"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"34.146.136.33\",\"port\":80},\"target\":{\"ip\":\"172.18.0.23\",\"port\":45064},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_28\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_06\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_10_06\"]}},\"http\":{\"hostname\":\"365kjump.cc\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":7114},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":16269,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":9,\"bytes_toserver\":1398,\"bytes_toclient\":9298,\"start\":\"2025-08-09T14:47:23.126771+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"365kjump.cc/jquery-1.11.2.min.js","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"87e69028f78d75ca225b3dc54d233239","sha1":"b33ee3b42b988eef9d4d62495b6e54e23dd642fd","sha256":"d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32","sha512":"6679e3ee7d02d17cf5b5d93a8a1dfd58f9b79120936442a75ffed668d6f2496ec615bc128cee6bf7fb8e0062cc6e0bfa96523519d8210bbc5d690b05512b4cd7","ssdeep":"1536:5P1vk7i6GUHdXXeyQazBu+4HhiO2AEeLNFoqqhJ7SerN5sVI6xcBgPv7E+nzms9l:A4Ud4qhJvNPqcB47MfWWca98Hrh","tlshash":"d093e8d9b7d67062977730b850bf510bb13a98eab80c4c60f1a4d8e47e74a89507bf2d","size":95966,"data":"","first_seen":"2023-03-07T01:10:31Z","last_seen":"2026-05-15T07:36:28.453148Z","times_seen":1684,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"365kjump.cc/","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b95580cb8e7a380691bc01639ed17c81","sha1":"bde32f2a93ece1032781e5008627d61cb3195cba","sha256":"eae4ab26a5b291e2c97995c5d28c88de9fbcc180a0fe9ebcd2b2c99092dbed90","sha512":"c2d7f25195b7178b4152ff62f3941239dccf89b5667b533fc25233fb376450756f9af6ef4027e0f6790c0518cbad6e7af39239fb7e734c8febb4b3162ef63aab","ssdeep":"","tlshash":"15a0021501512554631720901125c3992679a067ac49923a765e57404740415c528401","size":70,"data":"","first_seen":"2023-03-08T05:48:02Z","last_seen":"2026-05-14T12:03:37.871789Z","times_seen":119,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-09T14:47:23Z","timestamp":1754750843,"ip_dst":{"addr":"172.18.0.23","port":45064,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"severity":"low","alert":"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)","source":"{\"timestamp\":\"2025-08-09T14:47:23.947110+0000\",\"flow_id\":1169398790090547,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"34.146.136.33\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":45064,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047790,\"rev\":2,\"signature\":\"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"34.146.136.33\",\"port\":80},\"target\":{\"ip\":\"172.18.0.23\",\"port\":45064},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_28\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_06\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_10_06\"]}},\"http\":{\"hostname\":\"365kjump.cc\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":7114},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":16269,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":9,\"bytes_toserver\":1398,\"bytes_toclient\":9298,\"start\":\"2025-08-09T14:47:23.126771+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"365kjump.cc/","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d895f0e6276bd2f730e3f9922b819cb7","sha1":"e6c9ebb4ce3b5b9fcd09b7d6b50c89fe10e41ece","sha256":"3b8b61564ed88fd87e53faa7c3e56bd3f2edb93c059a55101531440248a02bca","sha512":"4e69b77e2e391e2f36476a7aea6273931fb61979c9c7dd8497b2d19c9366ac28ae7aa5e9f3bec98868ee1da620b5ffed848e06c39e65af82ad196f62792827d1","ssdeep":"","tlshash":"0b4116affce744b92c5368b64b7f594e25b044271510d440ba1c9a447fa5f141c7a6ec","size":1951,"data":"","first_seen":"2025-08-09T14:48:00.730836Z","last_seen":"2026-02-08T10:47:44.79972Z","times_seen":9,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-09T14:47:23Z","timestamp":1754750843,"ip_dst":{"addr":"172.18.0.23","port":45064,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"severity":"low","alert":"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)","source":"{\"timestamp\":\"2025-08-09T14:47:23.947110+0000\",\"flow_id\":1169398790090547,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"34.146.136.33\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":45064,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047790,\"rev\":2,\"signature\":\"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"34.146.136.33\",\"port\":80},\"target\":{\"ip\":\"172.18.0.23\",\"port\":45064},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_28\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_06\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_10_06\"]}},\"http\":{\"hostname\":\"365kjump.cc\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":7114},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":16269,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":9,\"bytes_toserver\":1398,\"bytes_toclient\":9298,\"start\":\"2025-08-09T14:47:23.126771+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"365kjump.cc/","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"32a38935998a1214e64fc65ea445043d","sha1":"1188000d70df80df63aed59c1a260ddd09b15237","sha256":"3981547bbf7a82681c7bdee42a65c816dd21e0cae9a96db18bee95e2385ca543","sha512":"4ec24faf817fde72a792c5e5072db67156eb05e3731845e10877021889c74532023dbda5b8b814c057a201be5c8f33a9bba4fa226088668e9a066c3d872cd813","ssdeep":"","tlshash":"0511e3fabc720cf6081358765bbf964e20b048771512d040bb5c9e5cbf21f180c2d69c","size":1032,"data":"","first_seen":"2025-08-09T14:48:00.74018Z","last_seen":"2026-02-08T10:47:44.800714Z","times_seen":12,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-08-09T14:47:23Z","timestamp":1754750843,"ip_dst":{"addr":"172.18.0.23","port":45064,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"severity":"low","alert":"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)","source":"{\"timestamp\":\"2025-08-09T14:47:23.947110+0000\",\"flow_id\":1169398790090547,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"34.146.136.33\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":45064,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047790,\"rev\":2,\"signature\":\"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"34.146.136.33\",\"port\":80},\"target\":{\"ip\":\"172.18.0.23\",\"port\":45064},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_28\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_06\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_10_06\"]}},\"http\":{\"hostname\":\"365kjump.cc\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":7114},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":16269,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":9,\"bytes_toserver\":1398,\"bytes_toclient\":9298,\"start\":\"2025-08-09T14:47:23.126771+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"365kjump.cc/h.js","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"87e69028f78d75ca225b3dc54d233239","sha1":"b33ee3b42b988eef9d4d62495b6e54e23dd642fd","sha256":"d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32","sha512":"6679e3ee7d02d17cf5b5d93a8a1dfd58f9b79120936442a75ffed668d6f2496ec615bc128cee6bf7fb8e0062cc6e0bfa96523519d8210bbc5d690b05512b4cd7","ssdeep":"1536:5P1vk7i6GUHdXXeyQazBu+4HhiO2AEeLNFoqqhJ7SerN5sVI6xcBgPv7E+nzms9l:A4Ud4qhJvNPqcB47MfWWca98Hrh","tlshash":"d093e8d9b7d67062977730b850bf510bb13a98eab80c4c60f1a4d8e47e74a89507bf2d","size":95966,"data":"","first_seen":"2023-03-07T01:10:31Z","last_seen":"2026-05-15T07:36:28.453148Z","times_seen":1684,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3656.tstdmn.cc/matomo.js","fqdn":"3656.tstdmn.cc","domain":"tstdmn.cc","tld":"cc"},"ip":{"addr":"34.92.23.236","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"97b41888a87c22615114d73c91cc70a3","sha1":"a9e02fdb328a29bd8753e7000d0afe6ef635aad1","sha256":"f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d","sha512":"0023e6fd1e095cb37ffd94393f583f9a1ad1fe18a03b72bd035d431401038b48cc9689e2bbf4b0bbee5b6082e77db6e2bdd55b4d5ffb1c45f86e0f330789c10f","ssdeep":"1536:ATgnSINAJrRJqerEKlFXhuXEy+XzsyWbuds06Vdda8EbdAAOV4ITzvBCQaFLa:AT+Z2fuULzsyWbbVdda8EbdAA0XvBv5","tlshash":"0263d5ca72c275398bca6074603f1187b17aada7144cc4a4f56ac4fa3c3891e957bf78","size":67460,"data":"","first_seen":"2024-05-09T17:51:40Z","last_seen":"2026-05-15T14:34:35.320248Z","times_seen":4864,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"312351bff07989769097660a56395065","sha1":"004be89dd9e070ecb080b9b759e5be29ec24881b","sha256":"b2b2f104d32c638903e151a9b20d6e27b41d8c0c84cf8458738f83ca2f1dd744","sha512":"454935a0b9fe288a70896e9e0548537ed09c564e47d771b91202f70ddc94946fa6b209e205034983ebe3160633bf5401df01cdfc54b7f98c4bfbd5845a89124f","ssdeep":"","tlshash":"1f3000000000000000cc00000000000000000000000000000000000000000000000c00","size":4,"data":"","first_seen":"2023-03-13T00:05:53Z","last_seen":"2026-05-11T13:25:03.420858Z","times_seen":32220,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"http","addr":"365kjump.cc/favicon.ico","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://365kjump.cc/","date":"2025-08-09T14:47:24.561Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 365kjump.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://365kjump.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 09 Aug 2025 14:47:24 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 4286\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"1ba2ae710d927f13d483fd5d1e548c9b","sha1":"c0605efed936ee2600284e6480521d06fa64f872","sha256":"db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445","sha512":"f933cd352eaba92f509b3863353ddfefadfada26a4152ecdc4727d450bbf35e7b10fb3038fe8db340d5c63d74e608c1560ec84d0f6ffc8ccd940c9e0d7533544","ssdeep":"48:i3H5R5hLOR4kt38PduMoglJrd6qTrp9hweFC0+6Ga:ipHFUs4MLBvuyCda","tlshash":"ee9175df61c388d9c1b1977f78c449a14f6fd951ba28351f55cf30622e5d75818c1c46","first_seen":"2023-04-18T17:42:03Z","last_seen":"2026-05-15T08:22:26.445321Z","times_seen":6074,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3656.tstdmn.cc/matomo.php?action_name=bet365\u0026idsite=2\u0026rec=1\u0026r=055684\u0026h=14\u0026m=47\u0026s=24\u0026url=http%3A%2F%2F365kjump.cc%2F\u0026_id=eeb68789fbf15dd5\u0026_idn=1\u0026send_image=0\u0026_refts=0\u0026pv_id=qbrrsh\u0026pf_net=249\u0026pf_srv=241\u0026pf_tfr=1\u0026pf_dm1=825\u0026uadata=%7B%7D\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024","fqdn":"3656.tstdmn.cc","domain":"tstdmn.cc","tld":"cc"},"ip":{"addr":"34.92.23.236","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"http://365kjump.cc/","date":"2025-08-09T14:47:24.703Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /matomo.php?action_name=bet365\u0026idsite=2\u0026rec=1\u0026r=055684\u0026h=14\u0026m=47\u0026s=24\u0026url=http%3A%2F%2F365kjump.cc%2F\u0026_id=eeb68789fbf15dd5\u0026_idn=1\u0026send_image=0\u0026_refts=0\u0026pv_id=qbrrsh\u0026pf_net=249\u0026pf_srv=241\u0026pf_tfr=1\u0026pf_dm1=825\u0026uadata=%7B%7D\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024 HTTP/1.1\r\nHost: 3656.tstdmn.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\r\nContent-Length: 0\r\nOrigin: http://365kjump.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://365kjump.cc/\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 204 No Response\r\nDate: Sat, 09 Aug 2025 14:47:24 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.4.33\r\nAccess-Control-Allow-Origin: http://365kjump.cc\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Response","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"365kjump.cc/","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-09T14:47:22.585Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 365kjump.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"resource_available":true,"data":null}},"time_used":530,"timings":{"blocked":0,"dns":11,"connect":256,"send":0,"wait":0,"receive":0,"ssl":260},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-09T14:47:23Z","timestamp":1754750843,"ip_dst":{"addr":"172.18.0.23","port":45064,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"severity":"low","alert":"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)","source":"{\"timestamp\":\"2025-08-09T14:47:23.947110+0000\",\"flow_id\":1169398790090547,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"34.146.136.33\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":45064,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047790,\"rev\":2,\"signature\":\"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"34.146.136.33\",\"port\":80},\"target\":{\"ip\":\"172.18.0.23\",\"port\":45064},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_28\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_06\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_10_06\"]}},\"http\":{\"hostname\":\"365kjump.cc\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":7114},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":16269,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":9,\"bytes_toserver\":1398,\"bytes_toclient\":9298,\"start\":\"2025-08-09T14:47:23.126771+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"365kjump.cc/","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-09T14:47:23.127Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 365kjump.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 09 Aug 2025 14:47:23 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":16269,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6257), with CRLF line terminators","md5":"aae4f2f8b8a681703cb3bc7bcf52bb62","sha1":"d1a0cfab1629c193c84577e0913d5fcbfbb8d911","sha256":"58c3b6c046a68912d137885bec3aff9391f6788c67977792f6160e1c5434d482","sha512":"9467f6d36da9b33d3bb31d4be4062ad8c253a846afd640375003816b842335ce4c6e4a3159723b5265512f182bce3ba5ea94ef6df92be7947bc8cbeb84af0abc","ssdeep":"384:5y42lKuUUhtb2p3pcRQclNIgzt4kT5Q2YrEO:042lKd6CpZcRQei2yrEO","tlshash":"e672397aa5045c4a1a3757349bb6aa0efde4182b4711c288fe8c66522fb0a504c13ffc","first_seen":"2025-08-09T14:48:00.711341Z","last_seen":"2026-02-08T10:47:44.78398Z","times_seen":9,"resource_available":true,"data":null}},"time_used":723,"timings":{"blocked":240,"dns":1,"connect":240,"send":0,"wait":241,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-09T14:47:23Z","timestamp":1754750843,"ip_dst":{"addr":"172.18.0.23","port":45064,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"severity":"low","alert":"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)","source":"{\"timestamp\":\"2025-08-09T14:47:23.947110+0000\",\"flow_id\":1169398790090547,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"34.146.136.33\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":45064,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047790,\"rev\":2,\"signature\":\"ET HUNTING Base64 Encoded octet-stream File in HTML Body (Mime Type)\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"34.146.136.33\",\"port\":80},\"target\":{\"ip\":\"172.18.0.23\",\"port\":45064},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_28\"],\"deployment\":[\"SSLDecrypt\",\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_06\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_10_06\"]}},\"http\":{\"hostname\":\"365kjump.cc\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":7114},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":16269,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":9,\"bytes_toserver\":1398,\"bytes_toclient\":9298,\"start\":\"2025-08-09T14:47:23.126771+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"365kjump.cc/jquery-1.11.2.min.js","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://365kjump.cc/","date":"2025-08-09T14:47:23.717Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery-1.11.2.min.js HTTP/1.1\r\nHost: 365kjump.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://365kjump.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 09 Aug 2025 14:47:23 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95966,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32047)","md5":"87e69028f78d75ca225b3dc54d233239","sha1":"b33ee3b42b988eef9d4d62495b6e54e23dd642fd","sha256":"d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32","sha512":"6679e3ee7d02d17cf5b5d93a8a1dfd58f9b79120936442a75ffed668d6f2496ec615bc128cee6bf7fb8e0062cc6e0bfa96523519d8210bbc5d690b05512b4cd7","ssdeep":"1536:5P1vk7i6GUHdXXeyQazBu+4HhiO2AEeLNFoqqhJ7SerN5sVI6xcBgPv7E+nzms9l:A4Ud4qhJvNPqcB47MfWWca98Hrh","tlshash":"d093e8d9b7d67062977730b850bf510bb13a98eab80c4c60f1a4d8e47e74a89507bf2d","first_seen":"2023-03-07T01:10:31Z","last_seen":"2026-05-15T07:36:28.453148Z","times_seen":1684,"resource_available":true,"data":null}},"time_used":487,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":241,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"3656.tstdmn.cc/matomo.js","fqdn":"3656.tstdmn.cc","domain":"tstdmn.cc","tld":"cc"},"ip":{"addr":"34.92.23.236","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://365kjump.cc/","date":"2025-08-09T14:47:23.725Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /matomo.js HTTP/1.1\r\nHost: 3656.tstdmn.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://365kjump.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 09 Aug 2025 14:47:24 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":67460,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2854)","md5":"97b41888a87c22615114d73c91cc70a3","sha1":"a9e02fdb328a29bd8753e7000d0afe6ef635aad1","sha256":"f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d","sha512":"0023e6fd1e095cb37ffd94393f583f9a1ad1fe18a03b72bd035d431401038b48cc9689e2bbf4b0bbee5b6082e77db6e2bdd55b4d5ffb1c45f86e0f330789c10f","ssdeep":"1536:ATgnSINAJrRJqerEKlFXhuXEy+XzsyWbuds06Vdda8EbdAAOV4ITzvBCQaFLa:AT+Z2fuULzsyWbbVdda8EbdAA0XvBv5","tlshash":"0263d5ca72c275398bca6074603f1187b17aada7144cc4a4f56ac4fa3c3891e957bf78","first_seen":"2024-05-09T17:51:40Z","last_seen":"2026-05-15T14:34:35.320248Z","times_seen":4864,"resource_available":true,"data":null}},"time_used":1463,"timings":{"blocked":511,"dns":289,"connect":224,"send":0,"wait":220,"receive":219,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"365kjump.cc/h.js","fqdn":"365kjump.cc","domain":"365kjump.cc","tld":"cc"},"ip":{"addr":"34.146.136.33","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://365kjump.cc/","date":"2025-08-09T14:47:23.720Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /h.js HTTP/1.1\r\nHost: 365kjump.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://365kjump.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 09 Aug 2025 14:47:24 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95966,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32047)","md5":"87e69028f78d75ca225b3dc54d233239","sha1":"b33ee3b42b988eef9d4d62495b6e54e23dd642fd","sha256":"d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32","sha512":"6679e3ee7d02d17cf5b5d93a8a1dfd58f9b79120936442a75ffed668d6f2496ec615bc128cee6bf7fb8e0062cc6e0bfa96523519d8210bbc5d690b05512b4cd7","ssdeep":"1536:5P1vk7i6GUHdXXeyQazBu+4HhiO2AEeLNFoqqhJ7SerN5sVI6xcBgPv7E+nzms9l:A4Ud4qhJvNPqcB47MfWWca98Hrh","tlshash":"d093e8d9b7d67062977730b850bf510bb13a98eab80c4c60f1a4d8e47e74a89507bf2d","first_seen":"2023-03-07T01:10:31Z","last_seen":"2026-05-15T07:36:28.453148Z","times_seen":1684,"resource_available":true,"data":null}},"time_used":955,"timings":{"blocked":224,"dns":1,"connect":241,"send":0,"wait":246,"receive":243,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}