{"report_id":"3ae63b70-dfcf-4659-af39-ba8a88f2165a","version":6,"status":"done","tags":[],"date":"2025-10-14T04:25:38Z","url":{"schema":"http","addr":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd/play/javdb/qDKpP.html","fqdn":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd","domain":"pjl41.cfd","tld":"cfd"},"ip":{"addr":"104.21.55.182","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"xn--1013-1pjl01cc-1o1uh94bpa677wbi6h.pojiela0031.top/?m=play\u0026u=javdb\u0026k=qDKpP\u0026p=\u0026mod=jump","fqdn":"xn--1013-1pjl01cc-1o1uh94bpa677wbi6h.pojiela0031.top","domain":"pojiela0031.top","tld":"top"},"title":"1013-1主域pjl01点cc凹凸.pojiela0031.top/?m=play\u0026u=javdb\u0026k=qDKpP\u0026p=\u0026mod=jump"},"submit":{"url":{"schema":"http","addr":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd/play/javdb/qDKpP.html","fqdn":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd","domain":"pjl41.cfd","tld":"cfd"},"ip":{"addr":"104.21.55.182","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-18T04:25:38Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-14","alert":"Sinkholed","trigger":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-14","alert":"Sinkholed","trigger":"xn--1013-1pjl01cc-1o1uh94bpa677wbi6h.pojiela0031.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd","ip":{"addr":"104.21.55.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-01-17","domain_rank":0,"first_seen":"2025-05-21T10:14:25.871705Z","last_seen":"2025-10-14T01:10:45.34207Z","alert_count":2,"request_count":2,"received_data":2759,"sent_data":969,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"xn--1013-1pjl01cc-1o1uh94bpa677wbi6h.pojiela0031.top","ip":{"addr":"104.21.31.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-30","domain_rank":0,"first_seen":"2025-10-14T00:39:31.008717Z","last_seen":"2025-10-14T00:39:31.008717Z","alert_count":1,"request_count":1,"received_data":2559,"sent_data":556,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd/play/javdb/qDKpP.html","fqdn":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd","domain":"pjl41.cfd","tld":"cfd"},"ip":{"addr":"104.21.55.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4fdb2f56bf0b8c88117a1609bf8c1419","sha1":"e4bcec72dfcf67b53cbdf1b503a6b5fdb1ec3b70","sha256":"070c5aea49e862f9fc4944652a3de93137fa3801ce490c4ca275dc5efee44401","sha512":"b9f196849d69c91278da5712418b9a20351e96de0918f85dcb089a7e0e553f7fe58e59a40be07c6775edd82cf24c63e19e5cb0864c01f495395a2743b3068cdc","ssdeep":"","tlshash":"a8c0804125751dd49b426031c63d745d5277606f150a9119f11505940b102ef59a7cbe","size":177,"data":"","first_seen":"2025-10-14T04:25:39.520174Z","last_seen":"2025-10-14T04:25:39.520174Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--1013-1pjl01cc-1o1uh94bpa677wbi6h.pojiela0031.top/?m=play\u0026u=javdb\u0026k=qDKpP\u0026p=\u0026mod=jump","fqdn":"xn--1013-1pjl01cc-1o1uh94bpa677wbi6h.pojiela0031.top","domain":"pojiela0031.top","tld":"top"},"ip":{"addr":"104.21.31.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2a92e4f4d7973a39448b3fc2eb1d08b2","sha1":"41c58b1112e609ab65b91bd536511d0917d6d80b","sha256":"4d0822dff4c2934f5b445b3c86140dbc20c75953fc6940412e36098c62e577c0","sha512":"3f67f6b90921e937ef225e8b94a9c69e385b481c09ce6a1fe265117fcf95b2e87542a9f25a661e31afbfb84b2bd471841ed6b4a4a67e9e635ce2cc7154374e1d","ssdeep":"","tlshash":"47c080735deaf898458c0c95395ad480488fbcbf145cfe64f749db05f115127d05c4e4","size":187,"data":"","first_seen":"2025-10-14T00:33:55.577815Z","last_seen":"2025-10-14T13:17:42.398694Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd/play/javdb/qDKpP.html","fqdn":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd","domain":"pjl41.cfd","tld":"cfd"},"ip":{"addr":"104.21.55.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-14T04:25:16.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pjl41.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Sep 2025 11:19:00 GMT","end":"Tue, 09 Dec 2025 12:16:19 GMT"},"fingerprint":{"sha1":"54:78:76:CF:D7:9B:0F:A1:1C:77:66:6A:1C:E9:82:37:EE:6A:53:22","sha256":"7B:DB:2D:9B:7C:06:F4:5C:6D:82:E1:BB:6C:9D:D5:02:69:EB:F7:82:80:2D:F6:FC:14:A4:00:17:33:74:69:B0"}}},"request":{"raw":"GET /play/javdb/qDKpP.html HTTP/1.1\r\nHost: xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 14 Oct 2025 04:25:17 GMT\r\ncontent-type: text/html;charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lzY5icPaXxMxVa9KfHzvLrXgyRCmDSwtQUqpKTCPb0dCexplTOmRmAPjDUWxnqX6L5%2F6IYL5qsAmNHrGaxgNKXhxhySe%2FPdcltR%2F3QdOO%2BJcLGAkMj8SGvmNBd2KMd3DEkRkDS1fs70xJhIr\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98e44fd74b1656ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1363,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"f816bc0080bd39c1c512996f44810fdb","sha1":"9c54df7ef9738e660fc021d5f07cb71e8d908ec9","sha256":"3680564420c0d270b724f8220160cf667121883ccc294171290852b871a3a9f2","sha512":"58d9d31c834c6274861106e2a3452933fd131a615c41eca95affefcc5901f07701c54001c805f885baa383874ea126fd516cd8ccdadd05881c83361b228c5bdd","ssdeep":"","tlshash":"5221428788130905d613a1201fb8b70a62d7d45b424fc9257add618d8f803968de7bac","first_seen":"2025-10-14T04:25:39.50804Z","last_seen":"2025-10-14T04:25:39.50804Z","times_seen":1,"resource_available":false,"data":null}},"time_used":952,"timings":{"blocked":220,"dns":46,"connect":1,"send":0,"wait":511,"receive":0,"ssl":171},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-14","alert":"Sinkholed","trigger":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd/favicon.ico","fqdn":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd","domain":"pjl41.cfd","tld":"cfd"},"ip":{"addr":"104.21.55.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd/play/javdb/qDKpP.html","date":"2025-10-14T04:25:17.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pjl41.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Sep 2025 11:19:00 GMT","end":"Tue, 09 Dec 2025 12:16:19 GMT"},"fingerprint":{"sha1":"54:78:76:CF:D7:9B:0F:A1:1C:77:66:6A:1C:E9:82:37:EE:6A:53:22","sha256":"7B:DB:2D:9B:7C:06:F4:5C:6D:82:E1:BB:6C:9D:D5:02:69:EB:F7:82:80:2D:F6:FC:14:A4:00:17:33:74:69:B0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Tue, 14 Oct 2025 04:25:17 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=50FjcrdAYRd6OTWJ9fiot4w1gBqNFnY8%2Bdah2JGB9BNN4jYFAi9MhFA9diNBM8TCuK3lSNdGw2dX5kt5a%2BceMK5GH4mKLH%2FTAmooWePNPWffQ0mxByQa%2BoD0nWu5VpDQQKxVEpfaSl%2Bp7%2Baz\"}]}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98e44fdc0a46712d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-05T08:46:00.209991Z","times_seen":479260,"resource_available":true,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-14","alert":"Sinkholed","trigger":"xn--0202-2pjl01cc-1o1uh94bpa677wbi6h.pjl41.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--1013-1pjl01cc-1o1uh94bpa677wbi6h.pojiela0031.top/?m=play\u0026u=javdb\u0026k=qDKpP\u0026p=\u0026mod=jump","fqdn":"xn--1013-1pjl01cc-1o1uh94bpa677wbi6h.pojiela0031.top","domain":"pojiela0031.top","tld":"top"},"ip":{"addr":"104.21.31.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-14T04:25:18.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pojiela0031.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 Aug 2025 02:14:14 GMT","end":"Fri, 28 Nov 2025 03:12:42 GMT"},"fingerprint":{"sha1":"33:17:1A:B6:7A:F9:59:49:31:CD:CD:EB:B5:EE:3E:97:77:A5:FD:DD","sha256":"A2:E2:E2:07:D9:98:67:ED:89:55:F9:29:65:7A:71:A8:DC:1B:90:72:1A:DC:6C:F9:EF:26:61:DD:95:8F:FB:AB"}}},"request":{"raw":"GET /?m=play\u0026u=javdb\u0026k=qDKpP\u0026p=\u0026mod=jump HTTP/1.1\r\nHost: xn--1013-1pjl01cc-1o1uh94bpa677wbi6h.pojiela0031.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 14 Oct 2025 04:25:18 GMT\r\ncontent-type: text/html;charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I8THVzshPYhgTx%2BAwqgZ%2FF3N1Naho5wChBMiU6MPeuSnn1XAD1f3udxtr87FAEKGdmLmxbV3A3Fg0hYVw9Pmm2fgpcOx%2Fz1N5oqR33E3rVQQCUlcf8rQp6omc5RanNzU9fl%2F5ywfdAS7WQPCOYsq%2BYXZvVo%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98e44fe17b9d3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1944,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"0fc013ba6f7c5d7e42ee35f7e66ab0c7","sha1":"f9ca0ed450e5cb145c9fdbd5b02f2122b16c12f4","sha256":"b25914bd3f8a548d29adda2be7b7f47dda7e4809dc5ae5d1584ecab221762f0d","sha512":"c56c3be422b6064469d10b734be8017bb24690247d788a6af33b3b5360fba4adfcdecbc355d3f2bcde2ba355806c6468870547777cfb869e60b3868646cb42da","ssdeep":"","tlshash":"98418487eb0d5845260b10a05cb4a2d8206f847fec8e9fbafd8448b8c8c956cd15edfd","first_seen":"2025-10-14T04:25:39.51646Z","last_seen":"2025-10-14T04:25:39.51646Z","times_seen":1,"resource_available":false,"data":null}},"time_used":851,"timings":{"blocked":157,"dns":1,"connect":1,"send":0,"wait":537,"receive":0,"ssl":153},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-14","alert":"Sinkholed","trigger":"xn--1013-1pjl01cc-1o1uh94bpa677wbi6h.pojiela0031.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}