{"report_id":"3b36c7c9-e12c-461e-ae34-48efee421679","version":6,"status":"done","tags":[],"date":"2026-05-21T20:14:59Z","url":{"schema":"http","addr":"zhanduoduo.com.cn","fqdn":"zhanduoduo.com.cn","domain":"zhanduoduo.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.48.173","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"zhanduoduo.com.cn/","fqdn":"zhanduoduo.com.cn","domain":"zhanduoduo.com.cn","tld":"com.cn"},"title":"英语知识点记忆工具","dom":{"size":41226,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (12914)","md5":"c1c0543e39a53e74c5456c879813b007","sha1":"cd718b13c8881050dc668d204d3626da44ea25ec","sha256":"06d1db1638d43c1da170bc9240db53c859a786b129cc74e47213935795a39c3b","sha512":"27f131188eda1f69e768ecab7614b84d9aa827cea9abb25d74e4602ba6694a5fa0b38bc34ac33c8d4f69aaf29f75a5f9f6a31a6dfaa79105fbf8a428b25db476","ssdeep":"384:qguhL76hx/PZzR9mzOZq4dDti0fCjxrW3HVjr2Qr4sGM8Afq6zFvIMPWk16y4hvL:qguhn6hptR9aOPiJ2HV7r8MbzVIPhvB5","tlshash":"c803072eb2f1003a5c5344fbb78b6a987925d087de2bd5a8bd9d42105fc3aa54e93348","dom_hash":"domhashf80f60176374d82e0b3b62cfcef5bc5c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zhanduoduo.com.cn","fqdn":"zhanduoduo.com.cn","domain":"zhanduoduo.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.48.173","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-25T20:14:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2026-05-18T06:58:11.855617Z","alert_count":0,"request_count":2,"received_data":815994,"sent_data":826,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2026-05-18T00:48:33.232476Z","alert_count":0,"request_count":2,"received_data":401953,"sent_data":873,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]}]},{"fqdn":"zhanduoduo.com.cn","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-28","domain_rank":0,"first_seen":"2026-05-21T12:25:15.94875Z","last_seen":"2026-05-21T12:25:15.94875Z","alert_count":8,"request_count":2,"received_data":28881,"sent_data":927,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"zhanduoduo.com.cn/","fqdn":"zhanduoduo.com.cn","domain":"zhanduoduo.com.cn","tld":"com.cn"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"24faf789cc6f846a80eb3b9050fb3abc","sha1":"9caf9ca84489749434fa2b45be0c7cf3dee99a31","sha256":"c7ebdb11955750d4f0c870d6b6d4e5d21d06d3ef8dc4cf61dff2197c1810b523","sha512":"e7fa7b32542ebdfc734816d158a29891811c62b708475d6630b42d1abc910da73684ea1c903baa24b2a945220628c2b645638e7ed7653329bb6b6f830ad6ba52","ssdeep":"","tlshash":"17f0c9967db7959a11121cf2431fea0b848330a23cd0c6d0f2dca2ec7f222c9511e1ad","size":544,"data":"","first_seen":"2026-05-21T12:25:20.2289Z","last_seen":"2026-05-22T05:41:41.937362Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-08T12:23:57.882502Z","times_seen":39810,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@supabase/supabase-js@2","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c343d451c84900e1c80743cca8c8bb29","sha1":"17420e2253f08f8b064fdeb3b7843146978d0da6","sha256":"755636ef8385bedfa9eccb214b04dd106bd348bdb63596c3943ea64f3e339a5a","sha512":"57e6c2712a95da7fee8da40f6ec2d309b6aee26ca25473bc6ef53a177c3e8c3c86b4edea4560986f7c82d7c72ffbb7242429c8a0d8f156fd12930822b4f3c016","ssdeep":"6144:GRaq+aZCi2zxnKFHqv5NA9Gmkzw3HfMJQbyCfUp7WzUtlpJO:5aQiWKdqxvro","tlshash":"c91407d573b7a43247d59062d4391901f33ca549b81e502cbb7c6edb6aa8d08eb3af34","size":200293,"data":"","first_seen":"2026-05-21T12:25:20.226237Z","last_seen":"2026-05-28T09:50:18.749779Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zhanduoduo.com.cn/","fqdn":"zhanduoduo.com.cn","domain":"zhanduoduo.com.cn","tld":"com.cn"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ea6f39d98df2185a2fac0fffa98cc6a9","sha1":"782f640a4ed07f2760c1385d7b9b442bce5e0d71","sha256":"9ac1598502252aaa9a9a5ba4ca4a3dc2c9b70c2ac588abe3ec0b770a1883bcee","sha512":"d42578e51f8dd63e8a18b01f9ff66247ea87869b6a1af7e61b071b5b176cb12ed362c69ab30123aaff62aeee33def7f5497b0ecebd89b846aab7ba2bac3261a7","ssdeep":"384:LHVjr2Qr4sGM8Afq6zFvIMPWk16y4hvB0:LHV7r8MbzVIPhvB0","tlshash":"de82a36a35f71439cca72c7b379b15803422810fac47d818bd7d97201f51f688ebab9a","size":17691,"data":"","first_seen":"2026-05-21T12:25:20.229766Z","last_seen":"2026-05-22T05:41:41.938335Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zhanduoduo.com.cn/","date":"2026-05-21T20:14:38.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 19 May 2026 14:31:45 GMT","end":"Mon, 17 Aug 2026 15:31:39 GMT"},"fingerprint":{"sha1":"B6:67:6F:5A:BE:B9:2A:B2:16:10:49:96:1E:1F:99:2B:44:AF:EA:A6","sha256":"63:A9:BF:FB:46:E0:B8:37:95:77:F3:63:84:AE:78:22:46:11:85:5E:DF:87:F6:4B:EF:F2:2E:24:D5:74:70:39"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zhanduoduo.com.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 21 May 2026 20:14:38 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::mrqjw-1779394354561-66d130d1d228\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 124\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UjOtLqAzfqQc77NlYiSKTBstZr64CK8lWROFx21AKnzJQtia4I1XyJ%2FBDORXcVBKbBQ4FwKD%2BPaeqLWOqjKzICNjkgv9uhv0pH1SPXRS0%2FnIANj4KQvpL3GHen0Da3s%2BzdW0slI%3D\"}]}\r\ncf-ray: 9ff63fa45cb90daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T12:34:25.437902Z","times_seen":16239334,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":19,"dns":1,"connect":1,"send":0,"wait":9,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zhanduoduo.com.cn/","date":"2026-05-21T20:14:38.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 19 May 2026 14:31:45 GMT","end":"Mon, 17 Aug 2026 15:31:39 GMT"},"fingerprint":{"sha1":"B6:67:6F:5A:BE:B9:2A:B2:16:10:49:96:1E:1F:99:2B:44:AF:EA:A6","sha256":"63:A9:BF:FB:46:E0:B8:37:95:77:F3:63:84:AE:78:22:46:11:85:5E:DF:87:F6:4B:EF:F2:2E:24:D5:74:70:39"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zhanduoduo.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 21 May 2026 20:14:38 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::vhhlv-1778775055415-ee1be01c049f\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 619421\r\nlast-modified: Thu, 14 May 2026 16:10:57 GMT\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DkvA06NXvWSrmeARQ9mTosFQavB6MWa%2FuUzCsv7N0Pkg%2B75NC69wK9eQo0bWiw9kCIq5Vp%2F8scnAW9ZyZ9Fa1%2Fzdathl9CMucyHlcVLtt56U%2FN6A1HzUMCOXZcKxW%2BorEE7MueE%3D\"}]}\r\ncf-ray: 9ff63fa46d010daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-08T12:23:57.882502Z","times_seen":39810,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@supabase/supabase-js@2.106.1/dist/umd/supabase.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zhanduoduo.com.cn/","date":"2026-05-21T20:14:38.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 13 May 2026 17:38:50 GMT","end":"Tue, 11 Aug 2026 18:38:47 GMT"},"fingerprint":{"sha1":"85:3A:E3:4D:41:9A:40:A5:EA:4D:21:21:BC:8B:AF:E9:9B:B2:27:3A","sha256":"41:2C:5C:27:2E:1B:0A:16:BA:4A:09:22:08:86:E9:EC:B5:B9:C4:CF:94:00:3A:8F:52:77:35:8C:F9:C4:FC:A4"}}},"request":{"raw":"GET /@supabase/supabase-js@2.106.1/dist/umd/supabase.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zhanduoduo.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 21 May 2026 20:14:39 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncf-ray: 9ff63fa59d9b0b31-OSL\r\ncf-cache-status: HIT\r\nfly-request-id: 01KS2NY573QRZ93T0SKTP1S058-fra\r\naccess-control-allow-origin: *\r\nage: 114026\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 21 May 2027 20:14:38 GMT\r\nlast-modified: Wed, 20 May 2026 12:34:12 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: accept-encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-digest: sha256=:dVY274OFvt+p7MshSwTdEGvTSL22NZbDlD6mTz4zmlo=:\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]}],"data":{"size":200293,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (29607)","md5":"c343d451c84900e1c80743cca8c8bb29","sha1":"17420e2253f08f8b064fdeb3b7843146978d0da6","sha256":"755636ef8385bedfa9eccb214b04dd106bd348bdb63596c3943ea64f3e339a5a","sha512":"57e6c2712a95da7fee8da40f6ec2d309b6aee26ca25473bc6ef53a177c3e8c3c86b4edea4560986f7c82d7c72ffbb7242429c8a0d8f156fd12930822b4f3c016","ssdeep":"6144:GRaq+aZCi2zxnKFHqv5NA9Gmkzw3HfMJQbyCfUp7WzUtlpJO:5aQiWKdqxvro","tlshash":"c91407d573b7a43247d59062d4391901f33ca549b81e502cbb7c6edb6aa8d08eb3af34","first_seen":"2026-05-21T12:25:20.226237Z","last_seen":"2026-05-28T09:50:18.749779Z","times_seen":9,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zhanduoduo.com.cn/favicon.ico","fqdn":"zhanduoduo.com.cn","domain":"zhanduoduo.com.cn","tld":"com.cn"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zhanduoduo.com.cn/","date":"2026-05-21T20:14:39.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zhanduoduo.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 08:09:11 GMT","end":"Tue, 04 Aug 2026 08:09:10 GMT"},"fingerprint":{"sha1":"81:05:9B:0F:37:E2:9A:F6:2B:88:8F:32:44:F5:1F:10:F3:70:AD:FD","sha256":"C4:4B:4B:C6:69:F1:03:EE:B9:E1:30:43:3D:B7:8B:1A:01:57:61:AF:C8:C0:79:28:CE:6F:5A:41:A2:C2:C8:34"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: zhanduoduo.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zhanduoduo.com.cn/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Thu, 21 May 2026 20:14:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncache-control: public, max-age=14400, must-revalidate\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-error: NOT_FOUND\r\nx-vercel-id: arn1::lcq6n-1779394479510-289f22dd69e3\r\ncf-cache-status: EXPIRED\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3ooU38bHk6d7D8pfpYkIlHopUiHz%2B0Hqh6oJZXYIzVf38AxLpXqgiPderjrFVyvbIqnPG3iGASOW0ZH3PfxBUPQn2ctF1xNGo%2FLOEyGOeoH%2FzDUjn10L4%2BXtax3onV3TcP4AFw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ff63fa89d5656ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"20d0d8af18946247cdfc5a12bae30831","sha1":"8165017e1d2b74b218e69dcccf095b7fff883673","sha256":"475e33fa3ba7a1b54b1034ecfe903682832486644be94c6f6ce477d537107705","sha512":"5ecdfe5ba7621305cb9e07802dd216315bee2b17a99fe98cb87853e304cedf4d8909e208664721da1b0e30f74978853fbbc4c5b588245ddc78363d8757d9b06a","ssdeep":"","tlshash":"21a0121e0be828093f88006021552335241001117d51e210008e7310106028e6340041","first_seen":"2026-05-21T20:15:01.103731Z","last_seen":"2026-05-21T20:15:01.103731Z","times_seen":1,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":72,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zhanduoduo.com.cn/","fqdn":"zhanduoduo.com.cn","domain":"zhanduoduo.com.cn","tld":"com.cn"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-21T20:14:38.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zhanduoduo.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 08:09:11 GMT","end":"Tue, 04 Aug 2026 08:09:10 GMT"},"fingerprint":{"sha1":"81:05:9B:0F:37:E2:9A:F6:2B:88:8F:32:44:F5:1F:10:F3:70:AD:FD","sha256":"C4:4B:4B:C6:69:F1:03:EE:B9:E1:30:43:3D:B7:8B:1A:01:57:61:AF:C8:C0:79:28:CE:6F:5A:41:A2:C2:C8:34"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zhanduoduo.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 21 May 2026 20:14:38 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\nage: 41104\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tDfFgnJTjHwknEWcGQe2nHgNQVQaxtt0NlD3kMGZhxXnYug4s0hO5nLh5ys%2Fn4VZhWj8tf%2BbDLHvtyhtOBYeEsPLyFgw5VOPPHbYkI63xE3XREKDtAR2LuQF5Q7%2Ba%2B5kmyBwcA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 21 May 2026 08:49:33 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::d7pgd-1779394478520-120bee807921\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9ff63fa26e0b56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27131,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"9d469731abe84917601ab87c81a14936","sha1":"a3e16f127c6134eca67339d302ce3d4f9bc1f08d","sha256":"50e074cc23e684ec2e149ca8aa29512e66c54acfc7d6f9b14fc50c022a4e9195","sha512":"1cdace4f05b261533050d0c9ca7aaf5b92fe224d8f9fda265647058207e994e3a0adaabdf256fd2aa849728fe01fd7763c2b59c1e4fc99231ba84a548a89a684","ssdeep":"384:Ggdq4dDtA0MCjxWW3HVjr2Qr4sGM8Afq6zFvIMPWk16y4hvB9:GgDAUrHV7r8MbzVIPhvB9","tlshash":"4fc2f77d71f2047a88a3187737db2a553c61c10bd907c858bd7c87601f82f698ea77aa","first_seen":"2026-05-21T12:25:20.224136Z","last_seen":"2026-05-22T05:41:41.932659Z","times_seen":3,"resource_available":true,"data":null}},"time_used":494,"timings":{"blocked":205,"dns":186,"connect":1,"send":0,"wait":83,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-21","alert":"Sinkholed","trigger":"zhanduoduo.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@supabase/supabase-js@2","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zhanduoduo.com.cn/","date":"2026-05-21T20:14:38.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 13 May 2026 17:38:50 GMT","end":"Tue, 11 Aug 2026 18:38:47 GMT"},"fingerprint":{"sha1":"85:3A:E3:4D:41:9A:40:A5:EA:4D:21:21:BC:8B:AF:E9:9B:B2:27:3A","sha256":"41:2C:5C:27:2E:1B:0A:16:BA:4A:09:22:08:86:E9:EC:B5:B9:C4:CF:94:00:3A:8F:52:77:35:8C:F9:C4:FC:A4"}}},"request":{"raw":"GET /@supabase/supabase-js@2 HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zhanduoduo.com.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 21 May 2026 20:14:38 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 66\r\nlocation: /@supabase/supabase-js@2.106.1/dist/umd/supabase.js\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=60, s-maxage=300\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 9ff63fa46bf90b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":200293,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T12:34:25.437902Z","times_seen":16239334,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":33,"dns":20,"connect":1,"send":0,"wait":176,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}