{"report_id":"4ea5b39b-1b49-4de9-9056-3626b8a7c5dd","version":6,"status":"done","tags":[],"date":"2026-01-07T10:50:28Z","url":{"schema":"http","addr":"adgrhj4.top/","fqdn":"adgrhj4.top","domain":"adgrhj4.top","tld":"top"},"ip":{"addr":"23.248.207.196","port":0,"asn":138415,"as":"Yancy Limited","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"adgrhj4.top/Public.login.do","fqdn":"adgrhj4.top","domain":"adgrhj4.top","tld":"top"},"title":"人机验证 | 安全访问验证","dom":{"size":17198,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"c96834117c7a4b1daf3b795c3f9cc4ae","sha1":"858d3a84a4d96ba7c39fe383667dd9975bf69dc2","sha256":"fed11cd504817b789f8e96fb81689ca5063cced5312748cc450e5406657f17f3","sha512":"9fc7e17e26aef79a70e34baf82b72b2a8ca84827ca67434b1212529f2f8b700efa1c99e5538c80b93f2f2eb46a894d81eb5e1af02f640daf29aded89f26b7197","ssdeep":"192:H9keSdQGo3oA8J8kPE+eKWG42SEzCFg603KEa+84DMJ9KgnoYRv8oR8qG3oRFbpj:H9UE62HvVcxwOLXwtsni","tlshash":"307235aa69b321112963a4797fea96073266d003c40acd593fdc5388cf85f909ff6798","dom_hash":"domhash948e15d8c325eb010c9b596c34ab6d20","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"adgrhj4.top/","fqdn":"adgrhj4.top","domain":"adgrhj4.top","tld":"top"},"ip":{"addr":"23.248.207.196","port":0,"asn":138415,"as":"Yancy Limited","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T10:50:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"adgrhj4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"adgrhj4.top","ip":{"addr":"23.248.207.196","port":443,"asn":138415,"as":"Yancy Limited","country":"United States","country_code":"US"},"domain_registered":"2025-12-31","domain_rank":0,"first_seen":"2026-01-07T10:50:29.074894Z","last_seen":"2026-01-07T10:50:29.074894Z","alert_count":3,"request_count":3,"received_data":44616,"sent_data":1511,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.6.40","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-04T22:21:06.427471Z","alert_count":0,"request_count":2,"received_data":254178,"sent_data":1011,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"adgrhj4.top/Public.login.do","fqdn":"adgrhj4.top","domain":"adgrhj4.top","tld":"top"},"ip":{"addr":"23.248.207.196","port":443,"asn":138415,"as":"Yancy Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4034ea65df1aebc6defe09cc8402e8cd","sha1":"b04b502eaef11a8173659a7ac93f3b7ddf2c3e14","sha256":"e0858607674a58021160982fcae16db7ce2180a7057065127be20e4476a8dcd9","sha512":"41adca1a0c11b2d2d83d50c9bdf40f07c8e884c355f55d2e8e75b85052f1896e7976ee08e33e2f2d3e9957b63a028dc85b685a671d490f118477d1ccc3a5a31a","ssdeep":"192:QBjAVWw+iyiiyYtmUNdvVCv3uOTNAIuSgZoyT4Ciiyb4G9NNGRfW:QOLXwtsnr","tlshash":"c2f1cc7a29b725300ab3a47a7bcfa10a313640171449de48be5c8744af95f219ff5bd8","size":7882,"data":"","first_seen":"2026-01-07T10:50:34.450835Z","last_seen":"2026-01-07T10:50:34.450835Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"adgrhj4.top/","fqdn":"adgrhj4.top","domain":"adgrhj4.top","tld":"top"},"ip":{"addr":"23.248.207.196","port":443,"asn":138415,"as":"Yancy Limited","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T10:50:06.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adgrhj4.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 05:54:52 GMT","end":"Tue, 31 Mar 2026 05:54:51 GMT"},"fingerprint":{"sha1":"1E:6A:0F:F1:C2:30:C0:2E:AE:8A:8A:B2:E5:4F:A9:B1:6C:37:54:C2","sha256":"FF:18:35:F2:C7:15:49:53:9E:B5:DF:7B:B3:70:FD:95:92:6B:BC:D9:E0:63:2E:FE:DD:74:16:BC:77:5E:8A:5C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: adgrhj4.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nDate: Wed, 07 Jan 2026 10:49:56 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 23\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.6.40\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nSet-Cookie: PHPSESSID=55guu26jfheh167ccd6dp2vu06; path=/\r\nLocation: /Public.login.do\r\nVary: Accept-Encoding,User-Agent\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nX-Safe: 1767782996=BhjWQOXQrnYyRIUydxee5rc/OlcH9K4q1lOxtPwkCUgcvmsHTWlxrSXw0px5ldK863Ihq7WuiGdbrc7ICQ9aL1e4IP2vZklzjbGW5uhk2lbLnLCYHY5n6D4uhgizRxFcoiQRGQT9pezG66WVC42td7ImZfXbYxAenCflgMdq7Mk9UbSlBcI93DHNDOlyCWSY\r\nX-VIA: l1=NAtVHMAVwBxkt2e7\r\nX-VERSION: 1767583423\r\nX-Request-Id: A1DCB9DF-B694-4F4E-A9CF-72B05E769058\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.6.40","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":17627,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":2296,"timings":{"blocked":992,"dns":528,"connect":227,"send":0,"wait":310,"receive":0,"ssl":237},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"adgrhj4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adgrhj4.top/Public.login.do","fqdn":"adgrhj4.top","domain":"adgrhj4.top","tld":"top"},"ip":{"addr":"23.248.207.196","port":443,"asn":138415,"as":"Yancy Limited","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T10:50:07.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adgrhj4.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 05:54:52 GMT","end":"Tue, 31 Mar 2026 05:54:51 GMT"},"fingerprint":{"sha1":"1E:6A:0F:F1:C2:30:C0:2E:AE:8A:8A:B2:E5:4F:A9:B1:6C:37:54:C2","sha256":"FF:18:35:F2:C7:15:49:53:9E:B5:DF:7B:B3:70:FD:95:92:6B:BC:D9:E0:63:2E:FE:DD:74:16:BC:77:5E:8A:5C"}}},"request":{"raw":"GET /Public.login.do HTTP/1.1\r\nHost: adgrhj4.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=55guu26jfheh167ccd6dp2vu06\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 10:49:56 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nPragma: no-cache\r\nCache-control: private\r\nX-Powered-By: zehuasoft.com\r\nVary: Accept-Encoding,User-Agent\r\nContent-Encoding: gzip\r\nServer: Nginx\r\nX-Safe: 1767782996=BhjWQOXQrnYyRIUydxee5rc/OlcH9K4q1lOxtPwkCUgcvmsHTWlxrSXw0px5ldK863Ihq7WuiGdbrc7ICQ9aL1e4IP2vZklzjbGW5uhk2lbLnLCYHY5n6D4uhgizRxFcoiQRGQT9pezG66WVC42td7ImZfXbYxAenCflgMdq7Mk9UbSlBcI93DHNDOlyCWSY\r\nX-VIA: l1=NAtVHMAVwBxkt2e7\r\nX-VERSION: 1767583423\r\nX-Request-Id: 0100E48C-8143-4101-9EBD-480FD7737733\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17627,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"9dcbb9b52c39d21fb223721ff6363436","sha1":"2655f4ca33cb35cd5b0fc5bd2651f3521224bb8b","sha256":"2a96cb81c7c53816d374650ee4759177bf38b6149d45f3b93411162621d60ce3","sha512":"0dcf6ad00785e8813d5c12ff257e263a7b5e12c56e0bdc4247ef0335d658da3e5c8f89a3866e2fbff4bb2a6a9369af1ceac389e3d168b6c47fcd61682c108c54","ssdeep":"192:J9NDz7GJN/CNbG2FvwVDk+/1a8Azr0QqutN5nBNRZgumaP/Nxiz:J9+4LsQquBpI","tlshash":"b1825129a92415115573e379bfe2960afa67402382034a593fdc63858ff6e108fb7fd8","first_seen":"2026-01-07T10:50:34.434665Z","last_seen":"2026-01-07T10:50:34.434665Z","times_seen":1,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"adgrhj4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://adgrhj4.top/Public.login.do","date":"2026-01-07T10:50:08.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://adgrhj4.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 10:50:08 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\ncf-ray: 9ba2e47a9d6f56ae-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1835709\r\nexpires: Mon, 28 Dec 2026 10:50:08 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rKraUoaQ%2Fqf8DkVGKLeJLTqLjeOsxCwmbIzUnFlj3tfFUSZFthzIeNqJSW65fZJFN88qt%2BsrFzhXuYbAOCVGqdDHpJIWcCMNU0Jzt8P2IYhN9WCXQ7unVQBUUrIAnWthzn9mclG8\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-04-03T21:37:19.724564Z","times_seen":41726,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":15,"receive":2,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://adgrhj4.top/Public.login.do","date":"2026-01-07T10:50:08.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://adgrhj4.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 10:50:08 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 150124\r\ncf-ray: 9ba2e47b6ee60daa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-24a6c\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1585339\r\nexpires: Mon, 28 Dec 2026 10:50:08 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=sMcmvKRMKBmHfaXM3CzaP4f189B7meOiIdPhe3rZV9%2FqlzKX5guTtcOc26Ku9MFOIzY%2FoZ6EIK%2FfMUygf7gngi3afssbxdVnHCrUyIK6qFSCZbVAeF3QpZbdU7QnUH7YqQL%2BgZAv\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150124,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 150124, version 772.256","md5":"c64278386c2bbb5e293e11b94ca2f6d1","sha1":"6b99aa650bd12a36caa14e0127435d8f4cd3ba73","sha256":"7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880","sha512":"0ccdc1515510d902c0b4a48b863c48bad86e1f766b1f9c890a64e28d91ee7c6d488241c531fc094d15b29c211da71e092587a987e24ee8e67ef8ea99c284e821","ssdeep":"3072:7sCbk7w0ZXdkN6iMjif3Lr7x7wAtf+D7gDk1feXDLnurWHqrNIuv5n0:7sCbkFZXdC7MaLr9w2mIY1feXXurWyNW","tlshash":"28e3123cf2c6d486735f5aeadb79636894fd0a2e74ecc67d26b982112048f828174d1d","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-04-03T21:08:24.627286Z","times_seen":30294,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":26,"dns":1,"connect":0,"send":0,"wait":11,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adgrhj4.top/favicon.ico","fqdn":"adgrhj4.top","domain":"adgrhj4.top","tld":"top"},"ip":{"addr":"23.248.207.196","port":443,"asn":138415,"as":"Yancy Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://adgrhj4.top/Public.login.do","date":"2026-01-07T10:50:08.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adgrhj4.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 31 Dec 2025 05:54:52 GMT","end":"Tue, 31 Mar 2026 05:54:51 GMT"},"fingerprint":{"sha1":"1E:6A:0F:F1:C2:30:C0:2E:AE:8A:8A:B2:E5:4F:A9:B1:6C:37:54:C2","sha256":"FF:18:35:F2:C7:15:49:53:9E:B5:DF:7B:B3:70:FD:95:92:6B:BC:D9:E0:63:2E:FE:DD:74:16:BC:77:5E:8A:5C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: adgrhj4.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://adgrhj4.top/Public.login.do\r\nCookie: PHPSESSID=55guu26jfheh167ccd6dp2vu06\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 10:49:57 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 7364\r\nConnection: keep-alive\r\nLast-Modified: Sun, 16 Aug 2020 11:06:48 GMT\r\nETag: \"1cc4-5acfca6756200\"\r\nAccept-Ranges: bytes\r\nServer: Nginx\r\nX-Safe: 1767782997=JDKgeGfcDiLszClidpQ0QGtBh6Uub4INanp93uS+mlhvNaXf67+az0RY/naZeXzWW4YlOglZZ8DUTQavlPb45jBxbEaqu2LKm/bjaDLlbHGSdwDZEWlFvRJR9m2qtHh5WN+qN/mGPsKR2vXYx9Sof+cW/Ag9Gl0WDke32gVjSmIoClpRnJ8LthGbAHZqALBB\r\nX-VIA: l1=NAtVHMAVwBxkt2e7\r\nX-VERSION: 1767583423\r\nX-Request-Id: ECB233F7-E05B-414C-957F-AA8AFFCEDD8E\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7364,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"fa1dbab7f853fded66a1304bdc188208","sha1":"0327c698b4711f3ba56195d1fffdb727fc334abc","sha256":"b69cf63a3b24373ac89e9bfa0f00a33b6b4c97c7b9c6122cfc09fed868974e2f","sha512":"27550041ea59edb9c98aa4bb494be5771189d21daa6220afbad03f509ee402f4864841fbba78e0aaaee5b18c43ee9835f26a523b3ef7ec23ffd6d7e7a785028f","ssdeep":"192:uJSQhTyoCDrV9xQ6PKiT8oMr5rHCWq+/y:uJ9hTyLDVZZW5rdK","tlshash":"ace16c902fd4b02ef13bb5aeb60a58ce19db319c72725cdbd072a501d37d4a48794cb0","first_seen":"2023-06-09T09:57:00Z","last_seen":"2026-01-07T10:50:34.446334Z","times_seen":7,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"adgrhj4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}