{"report_id":"48f7ea28-0841-421c-a002-ac3f862b0116","version":6,"status":"done","tags":[],"date":"2025-12-30T11:47:57Z","url":{"schema":"http","addr":"xv.lonefun.com/","fqdn":"xv.lonefun.com","domain":"lonefun.com","tld":"com"},"ip":{"addr":"104.26.13.59","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"xv.lonefun.com/","fqdn":"xv.lonefun.com","domain":"lonefun.com","tld":"com"},"title":"404 Not Found","dom":{"size":1861,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (827)","md5":"7ef26d77101dffbfa3c868ed5595c3ed","sha1":"15406e6844c7a927098a84ebb720f29361088a19","sha256":"aeb0cb290eb8ac51164920f514afb40e7b6341f975ceb8dc3641bb252bb864c4","sha512":"cd56790cdaae5e5fc3aaf8538f83be5f7e8e43195cc1f814531aa3dee8e8297ffddbd2135c818f8aa191dd458c67332c6669f4fb97ae464039b4e383609e9724","ssdeep":"","tlshash":"b5318626c0f1422ad02f3254f7c1fb492b6b836392a31bf1364eb5a2a7c80fb01135c4","dom_hash":"domhash0c7afa3226093f1f1dacbd5bf4f0df08","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"xv.lonefun.com/","fqdn":"xv.lonefun.com","domain":"lonefun.com","tld":"com"},"ip":{"addr":"104.26.13.59","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-03T11:47:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"xv.lonefun.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"xv.lonefun.com","ip":{"addr":"104.26.12.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-01-23","domain_rank":0,"first_seen":"2025-12-23T16:30:38.215242Z","last_seen":"2025-12-23T16:30:38.804247Z","alert_count":5,"request_count":5,"received_data":10105,"sent_data":2298,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2025-12-28T22:19:30.36119Z","alert_count":0,"request_count":1,"received_data":20344,"sent_data":506,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-05T14:47:32.922261Z","times_seen":330414,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"xv.lonefun.com/","fqdn":"xv.lonefun.com","domain":"lonefun.com","tld":"com"},"ip":{"addr":"104.26.12.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-30T11:47:35.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"lonefun.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Nov 2025 17:56:05 GMT","end":"Thu, 19 Feb 2026 18:53:43 GMT"},"fingerprint":{"sha1":"48:19:5F:41:FE:91:96:27:48:0C:3A:04:C1:FF:63:0F:8E:01:07:6A","sha256":"36:BC:C1:60:70:3F:B1:F0:0D:8A:0C:76:41:D8:5C:66:48:52:53:89:28:A8:AD:F5:B8:B6:20:B9:47:51:C3:C2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: xv.lonefun.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 30 Dec 2025 11:47:35 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: private, no-cache, max-age=0\r\npragma: no-cache\r\nServer: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EUIuVH%2FIx6HYmjYN%2FJ%2BxqiJQQVgXqG8ULz4UmAhqbm1WKLvSlau89h9hcuN5S3P0qVU0KyhNmhrLm5Cth8EiCvJEL20i7gQurJXH\"}]}\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nServer-Timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=3,cfOrigin;dur=49\r\nContent-Encoding: br\r\nCF-RAY: 9b614da288a25695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1747,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (694), with CRLF, LF line terminators","md5":"df24d812f18336bf59042be631ee0a05","sha1":"6b2e55c25cc318cddff9929cbfbaf8bbb31f73f7","sha256":"94def52139a65c34d32c44072f3700924a0277fb996c37f0e3270298e7459a33","sha512":"c6b36576b611d8654c91e0d2fc0bee11b5f32d6a04923b5151b380086e2f9796b9229db4574199c4794c3ddd9bf8c52af607e8d3982c68ae5b25ff314415c091","ssdeep":"","tlshash":"5d31a53a8080415ad0270254fbd1fb982b2d836391974fa0379fb276eac80bb5163ac8","first_seen":"2025-12-23T16:30:39.545082Z","last_seen":"2025-12-30T11:47:57.871149Z","times_seen":2,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":56,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"xv.lonefun.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xv.lonefun.com/","date":"2025-12-30T11:47:35.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 10:36:27 GMT","end":"Fri, 20 Mar 2026 11:36:07 GMT"},"fingerprint":{"sha1":"C6:6A:71:84:C2:40:13:D1:A4:B7:DF:C4:1C:E1:54:F3:76:97:EF:6B","sha256":"EC:09:93:3E:E8:5D:9E:7A:B0:D9:7C:6D:85:49:92:10:89:9F:C8:FF:A5:1B:90:BB:AB:86:7E:D9:BA:0A:1C:4E"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xv.lonefun.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xv.lonefun.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Dec 2025 11:47:35 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9b614da389e90daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-05T14:47:32.922261Z","times_seen":330414,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":14,"dns":1,"connect":1,"send":0,"wait":16,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xv.lonefun.com/cdn-cgi/rum?","fqdn":"xv.lonefun.com","domain":"lonefun.com","tld":"com"},"ip":{"addr":"104.26.12.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://xv.lonefun.com/","date":"2025-12-30T11:47:35.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"lonefun.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Nov 2025 17:56:05 GMT","end":"Thu, 19 Feb 2026 18:53:43 GMT"},"fingerprint":{"sha1":"48:19:5F:41:FE:91:96:27:48:0C:3A:04:C1:FF:63:0F:8E:01:07:6A","sha256":"36:BC:C1:60:70:3F:B1:F0:0D:8A:0C:76:41:D8:5C:66:48:52:53:89:28:A8:AD:F5:B8:B6:20:B9:47:51:C3:C2"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: xv.lonefun.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1012\r\nOrigin: https://xv.lonefun.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xv.lonefun.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1012,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":232,\"startTime\":1767095255341,\"versions\":{\"fl\":\"2024.11.0\",\"js\":\"2024.6.1\",\"timings\":2},\"pageloadId\":\"c81a7131-5283-4545-903b-e6c947ba81e1\",\"location\":\"https://xv.lonefun.com/\",\"nt\":\"navigate\",\"timingsV2\":{\"unloadEventStart\":0,\"unloadEventEnd\":0,\"domInteractive\":222,\"domContentLoadedEventStart\":316,\"domContentLoadedEventEnd\":320,\"domComplete\":321,\"loadEventStart\":321,\"loadEventEnd\":321,\"type\":\"navigate\",\"redirectCount\":0,\"initiatorType\":\"navigation\",\"nextHopProtocol\":\"http/1.1\",\"workerStart\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":99,\"domainLookupStart\":99,\"domainLookupEnd\":99,\"connectStart\":99,\"connectEnd\":99,\"secureConnectionStart\":99,\"requestStart\":101,\"responseStart\":157,\"responseEnd\":158,\"transferSize\":1776,\"encodedBodySize\":957,\"decodedBodySize\":1747,\"name\":\"https://xv.lonefun.com/\",\"entryType\":\"navigation\",\"startTime\":0,\"duration\":321},\"siteToken\":\"da6913f76a50458fbe44a81cdc270b31\",\"st\":2}"}},"response":{"raw":"HTTP/1.1 204 No Content\r\nDate: Tue, 30 Dec 2025 11:47:35 GMT\r\nContent-Type: text/plain\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://xv.lonefun.com\r\nAccess-Control-Allow-Methods: POST,OPTIONS\r\nAccess-Control-Max-Age: 86400\r\nVary: Origin, accept-encoding\r\nAccess-Control-Allow-Credentials: true\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=st2dFiVfRE9ZIdfgKWuV9FU1851%2FbNB19hPMQNUt%2Fp3OL7g4CXYRtY1mw912kDli7tke7aVuTOy0EJriZejRGGJwPgo8Luwd7bdJ\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9b614da41a5d5695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"xv.lonefun.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xv.lonefun.com/favicon.ico","fqdn":"xv.lonefun.com","domain":"lonefun.com","tld":"com"},"ip":{"addr":"104.26.12.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xv.lonefun.com/","date":"2025-12-30T11:47:35.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"lonefun.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Nov 2025 17:56:05 GMT","end":"Thu, 19 Feb 2026 18:53:43 GMT"},"fingerprint":{"sha1":"48:19:5F:41:FE:91:96:27:48:0C:3A:04:C1:FF:63:0F:8E:01:07:6A","sha256":"36:BC:C1:60:70:3F:B1:F0:0D:8A:0C:76:41:D8:5C:66:48:52:53:89:28:A8:AD:F5:B8:B6:20:B9:47:51:C3:C2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: xv.lonefun.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xv.lonefun.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 30 Dec 2025 11:47:35 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: private, no-cache, max-age=0\r\npragma: no-cache\r\nServer: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sP8ZY%2BQtEl3kni8YCIydijVaxZE7bJcOsG%2BevBncq8adwUnWfSvHhhn41hdnKq2glBbFpoKS2WXjpVdZdpHsu6ZLIJ8tR8iWnQFr\"}]}\r\nvary: Accept-Encoding\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nContent-Encoding: br\r\nCF-RAY: 9b614da43a885695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-04-05T14:53:47.644805Z","times_seen":20510,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"xv.lonefun.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xv.lonefun.com/","fqdn":"xv.lonefun.com","domain":"lonefun.com","tld":"com"},"ip":{"addr":"104.26.12.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-30T11:47:35.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"lonefun.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Nov 2025 17:56:05 GMT","end":"Thu, 19 Feb 2026 18:53:43 GMT"},"fingerprint":{"sha1":"48:19:5F:41:FE:91:96:27:48:0C:3A:04:C1:FF:63:0F:8E:01:07:6A","sha256":"36:BC:C1:60:70:3F:B1:F0:0D:8A:0C:76:41:D8:5C:66:48:52:53:89:28:A8:AD:F5:B8:B6:20:B9:47:51:C3:C2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: xv.lonefun.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 30 Dec 2025 11:47:35 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: private, no-cache, max-age=0\r\npragma: no-cache\r\nServer: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7W7jK0BksDC%2BAT1Pn70jpfVwQIRC0gauvL3vDiD2tFUvymxpg8awNnVOOPJEgVfgWdleO%2FxyR9Oj%2Byl%2BD068YLmEGcvCR7QyU8X%2F\"}]}\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nServer-Timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=10,cfOrigin;dur=149\r\nContent-Encoding: br\r\nCF-RAY: 9b614da0dec75695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1747,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (694), with CRLF, LF line terminators","md5":"df24d812f18336bf59042be631ee0a05","sha1":"6b2e55c25cc318cddff9929cbfbaf8bbb31f73f7","sha256":"94def52139a65c34d32c44072f3700924a0277fb996c37f0e3270298e7459a33","sha512":"c6b36576b611d8654c91e0d2fc0bee11b5f32d6a04923b5151b380086e2f9796b9229db4574199c4794c3ddd9bf8c52af607e8d3982c68ae5b25ff314415c091","ssdeep":"","tlshash":"5d31a53a8080415ad0270254fbd1fb982b2d836391974fa0379fb276eac80bb5163ac8","first_seen":"2025-12-23T16:30:39.545082Z","last_seen":"2025-12-30T11:47:57.871149Z","times_seen":2,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":48,"dns":29,"connect":1,"send":0,"wait":164,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"xv.lonefun.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"xv.lonefun.com/","fqdn":"xv.lonefun.com","domain":"lonefun.com","tld":"com"},"ip":{"addr":"104.26.12.59","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-30T11:47:35.432Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: xv.lonefun.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Tue, 30 Dec 2025 11:47:35 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nLocation: https://xv.lonefun.com/\r\nSpeculation-Rules: \"/cdn-cgi/speculation\"\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gUv6SY1GsO6EuF%2FpjlYz2CzZV7kf2IxdoHhBig4fSF4iGK4sSAxTFhgTy35pQQdyAWeV2Rgg2j6tH%2F4Ddwb8r2Qsy1sB%2FJVZLmRKVd4%3D\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer-Timing: cfEdge;dur=1,cfOrigin;dur=0\r\nServer: cloudflare\r\nCF-RAY: 9b614da26b13a0f0-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1747,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"xv.lonefun.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}