{"report_id":"5d6ad8a4-97ba-423f-a9c2-4665567d0031","version":6,"status":"done","tags":[],"date":"2026-04-28T18:26:14Z","url":{"schema":"http","addr":"obais.vip","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"172.67.215.129","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"obais.vip/#/","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"title":"Obais: One-Stop Global Investment Platform | Forex | Commodities | Stocks | Indices | Cryptocurrencies | Gold | Oil","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"obais.vip","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"172.67.215.129","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T18:26:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":14,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:55Z","timestamp":1777400755,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47676,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:55.913358+0000\",\"flow_id\":1117228295752544,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47676,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:25:55.363360+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:56Z","timestamp":1777400756,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47684,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:56.183012+0000\",\"flow_id\":2131755405631775,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47684,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":910,\"bytes_toclient\":1634,\"start\":\"2026-04-28T18:25:55.614687+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47706,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.069825+0000\",\"flow_id\":351379792355849,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47706,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:25:56.549385+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47700,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.123023+0000\",\"flow_id\":829083234884698,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47700,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:25:56.547930+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47760,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.276996+0000\",\"flow_id\":279782687546373,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47760,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:25:56.760837+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47718,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.294608+0000\",\"flow_id\":2024226604488593,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47718,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":910,\"bytes_toclient\":1634,\"start\":\"2026-04-28T18:25:56.759697+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47730,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.301938+0000\",\"flow_id\":1337143506278444,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47730,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:25:56.759852+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47744,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.317397+0000\",\"flow_id\":1823149120592808,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47744,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:25:56.760744+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47782,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.346257+0000\",\"flow_id\":1558205472978564,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47782,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:25:56.800388+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47776,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.373962+0000\",\"flow_id\":1121729421521730,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47776,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":910,\"bytes_toclient\":1634,\"start\":\"2026-04-28T18:25:56.799554+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47802,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.542898+0000\",\"flow_id\":1965759214726286,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47802,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:25:57.011406+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.548123+0000\",\"flow_id\":1166281117347041,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47810,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":910,\"bytes_toclient\":4662,\"start\":\"2026-04-28T18:25:57.011489+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47790,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.553683+0000\",\"flow_id\":1896691845639085,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47790,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:25:57.011181+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:25:57Z","timestamp":1777400757,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":47796,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:25:57.584011+0000\",\"flow_id\":976048425872438,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":47796,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":910,\"bytes_toclient\":1634,\"start\":\"2026-04-28T18:25:57.011318+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"obais.vip","ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-01-14","domain_rank":0,"first_seen":"2026-04-28T18:26:22.341306Z","last_seen":"2026-04-28T18:26:22.341306Z","alert_count":84,"request_count":84,"received_data":10955659,"sent_data":33888,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"vip-cservice.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-13","domain_rank":0,"first_seen":"2026-04-15T20:16:59.760558Z","last_seen":"2026-04-23T16:03:13.922066Z","alert_count":0,"request_count":3,"received_data":67618,"sent_data":1249,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"webapi.oba97is.com","ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-04","domain_rank":0,"first_seen":"2026-04-28T18:21:29.891441Z","last_seen":"2026-04-28T18:21:29.891441Z","alert_count":0,"request_count":17,"received_data":513444,"sent_data":8639,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-02-12T08:38:00.929095Z","last_seen":"2026-04-23T16:03:14.168673Z","alert_count":0,"request_count":11,"received_data":1059405,"sent_data":4924,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"obais.vip/js/Login-CJaDuv44.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2131fd9e8c14774c657d5d4617005846","sha1":"cf886d3f3dde104cc83a40d58815236d1dc8ff7b","sha256":"21efd98a6c5bada99a5039df8a385bc7a69794755879c679dec1a98418046f92","sha512":"fe7e33697a1c90972829de57b37649a839ffc37a14a9a51f64dda2c1bcdc4881c0a13763db63707ae70ec3fef9f90697d8d6d0825fa05db2e4293aacb9c914ab","ssdeep":"192:5MT3VEYQNzN+dNWNTpknH3caQKkn3ELqKDN/5qxBy+d7PEwjNwzPZdasQWQ5QUgh:5ZYQJIUBoL1Ibp9JyisQWQ5QbDFHiq7H","tlshash":"b532b6c8b511abf99bb30825b6047935b4185f99c067c48ef3f84c317bcacb66a24379","size":11563,"data":"","first_seen":"2026-04-28T18:21:41.077914Z","last_seen":"2026-04-28T19:31:57.522997Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/account-sgmtbgDy.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"9b706027ff221a2a9cfd654a4127712c","sha1":"eef4922ec1325a2d9cee9d3416d3e389f765471a","sha256":"90246325c6f44d9c864faa183860b28f2b2d8245527e317eb2ef818d2f6ec4bd","sha512":"f9696cc0415102e9df5f73eef296fee20d5ce0bcf99c14cbe8cc5b83ed0befb21610cfb53b222663455c8fcb37b75cebbb8254f7662e348e568e1c941439e26d","ssdeep":"","tlshash":"b011078a8e8e52f7f7b0be1260d02e03c01b6fb5ada24472f02d957751fd484c52db14","size":1104,"data":"","first_seen":"2026-04-28T18:21:40.985479Z","last_seen":"2026-04-28T19:31:57.644317Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/ArticleViewer-5iIx2dnD.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"54d711709816d38381c8abc9bf7a1072","sha1":"8ddc49ca54ab7a97d515f98881936d1ce6911874","sha256":"86d8ffa8ea8634c9c49ebf66c595897103250f1c50f8bbbf2e9c78b66914f90c","sha512":"91c263cfcdde1a9a9baf59ba6ee4b6ab42338840200a48b81fe753302881045d20b50e2a34b7f21850dc47598401990569ad3e6275e519221e45a5618439bb7d","ssdeep":"","tlshash":"bb41749c64b6cfb896f39335a58ed6545044bbced7118a89727e582a3fc0ef07a5c304","size":2403,"data":"","first_seen":"2026-04-28T18:21:41.008747Z","last_seen":"2026-04-28T19:31:57.52458Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/Calculation.vue_vue_type_script_setup_true_lang-CfzrS5r4.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ca47e01ae4be9387a5edb3e92fb6c161","sha1":"bacfadcc264d280584b54993347163c9cf2d72e5","sha256":"af4c46508afc5d54399cecfa15f2af864374f02e72f0a3c719a7edb8b22821f3","sha512":"c782eb4ec85baa69d46c9b16c77b0e92366521af2ba7edd35d5953923cf5d02aab9e9dee0c5534cb70a510640cd97eedd232a83a69ea7b8c177088a63fa6b027","ssdeep":"384:dVSYvnyMTG1CmxcgJJcwV1n2cICjan1eTkLTpkDGaAoiB6cJWM5boWBuYD8daLH0:HScyYfQ2cfansToTpQGaAoE6cbboyuYw","tlshash":"bd92a749b152db3ddbb354f1605e1014f008bfcad426c497a1bf09933aeeeb11a6927c","size":20465,"data":"","first_seen":"2026-04-28T18:21:41.016996Z","last_seen":"2026-04-28T19:31:57.51919Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-BDNalPlv.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b89a06d58d01ba93f988507af24066f","sha1":"7c263b4489a4e742c3bce9db416fc6c45b99fb9a","sha256":"139273777b995f60d5b22ebb4d425dc9b1e682f3606456b557f3fb1c99d76d07","sha512":"24d04eb5457ae7e061420dae2c204266e905c9bdd432c24d2643af9fa19cc4566c96b889e7c16dc3e617918fc37352403ce7356940d728d04e49db097ca1ac1f","ssdeep":"1536:69RhWl5TRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8n/:sRk5jTG8ralELZFOUnusSQilqw7ShHTh","tlshash":"af048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","size":173143,"data":"","first_seen":"2026-04-28T18:21:41.025411Z","last_seen":"2026-04-28T19:31:57.532223Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/PdfViewer-DIoWOB6J.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8b13fc6a40fc5511b40c473905fb66d5","sha1":"1fbe3ea2cb8601c434ad4a5f174568d415795771","sha256":"945307e905eeea8b8f18237cfd7adf2903f6b4dfee75b67833cf2543df8cf994","sha512":"3f9e5c56659b75913370d186bd69bca6e65f34417e241eea448ae0f973a87e76c481f3e477b4353a81052e981e79ea8e58343a0364e5b8d87549b20a625fe672","ssdeep":"24576:fkpMfCJkPXXq8RqbOt7aFMz3FuEoYlOsp8yDpm0gLsC7Xl5:fkpMfCKPXXq8QCFR+l5","tlshash":"02a5a072634372e96b79468671b91609437f154d34f3a1c8ed8e2edac52ad2b237c23c","size":2202810,"data":"","first_seen":"2026-04-28T18:21:41.088766Z","last_seen":"2026-04-28T19:31:57.663106Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_core.js?v=1777400756831","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f18eea0d33964edbd612d61f5713fd75","sha1":"93dd1f6594dcf0f7cbdb44813e4c1f2072961533","sha256":"1bc28f480d9acf22346a0cc22379fce4b7971d6e647a55de5919e641db5cc597","sha512":"5cb694ca839128e6683a513174761ccf1c4147b28d130dc1425112756d81ee61a2c65baa2272e8284264a53ba658a4f77c1753291163dcc4fc5745b0538c5931","ssdeep":"384:m+6aLTFONgSMQDbHer4p7JCA8GaHOdRUHYAnUjZpeZgy4F4Syec71gAQ77/ZMTtY:5xTFeMQDbHer4p7JCA8GMOgYAnUjZpeS","tlshash":"a48241abebbb10724457b4368b9f268435268013294cde203facded04f52a675317bf9","size":17618,"data":"","first_seen":"2025-11-30T14:17:39.769051Z","last_seen":"2026-04-28T19:45:58.085448Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/Register-AGXhV3l3.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c0418a77a13fc281767ec208ee882cc6","sha1":"f0f26e7f7f09fe5717d52ca5c36201ff94d0c4ce","sha256":"cc0663827813a673b15da0007474841032bc07953bc1630aeee7a8e35f2cb937","sha512":"125e2b731110acecc47e5414a896f8eba5b16fd63594177d6bebd156c7a0708e1615cd9cea91240cfc1a80795d1adc554e9af3b877b4a41f6bb657b6aad31e95","ssdeep":"384:Gfh6uaz8k7mm+rwmeg5bM5MZ5iWajEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792e:Gfhpaok7an5g5s5TUZ5pyVjnjXYn0D91","tlshash":"2b82668cb1519bfaab7b9431f4476930682c4f5fc463c0f6e6e88c35a79ec71a51423a","size":18422,"data":"","first_seen":"2026-04-28T18:21:41.042624Z","last_seen":"2026-04-28T19:31:57.572296Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-C6fM29mK.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"374f015fa8429f0e37915993b4d324ca","sha1":"7b9e7a16fbca70af3ed5b50e5c7bc61536a0b8a6","sha256":"04f6a529ce2ec38fcce205df45ff45404003b1eb16c7139b5c63a7787786ec90","sha512":"192280226e105e7c7d245bbeb7e4defdbd16e874b20d4ad4f0e69904dc3bbbb859806d14501b2d94dbf23fc33e04b8f393128608a2f87e3fcbcd7bf1ace73b84","ssdeep":"6144:2CIIxjxeOb8RhWxM4e5usAdBDt27Y+jYFrBPW/5khijm7L0OYm+mKzFw0T3iTTvi:hIExeOoRhWxM4e5uswBDt2M+jYtBPW/l","tlshash":"3f641a847212b27a83f305a2543e4405e2257f88b507c4ddf1fc4cdb3e9ae9665abb78","size":337147,"data":"","first_seen":"2026-04-28T18:21:41.019507Z","last_seen":"2026-04-28T19:31:57.543827Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-C5USZCZH.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb7b13a96394a2b719a8e0095034e78a","sha1":"fab98613e2293e209dfc7cb61ca63765d745303d","sha256":"c9d94cd74257eb1eba283cbe8e1bc0c283d68b2683a99643e024ca5a7f9cba72","sha512":"555714ceff381118f73a37468b9562700878e3f3188ba7302ef1ad5c6dc45be93277271528b4bf74669fcaae2e2e677ba858d198b0529288b9e119f45410fb31","ssdeep":"49152:s0ttEDk+tnHLtb9NfdWgnPnjwejTWllP1B/5QOU3z:7meuD","tlshash":"d8958e8c7686f06406f382e560eb1105f2786d45f446c0a4f9fc89ab26e5e9de277f38","size":1930784,"data":"","first_seen":"2026-04-28T18:21:41.090413Z","last_seen":"2026-04-28T19:31:57.661283Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/dataModify-C6sk-dj3.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","size":635,"data":"","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-04-28T19:33:27.063821Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/cssCalculate-VX7BHKki.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ce1a07f3d01ae4d3c15e0cc917158e4b","sha1":"72e2d8f92457931b3d813da969a71e786145dbf2","sha256":"128b5f4b42990b1b3f0ce0bad5af90e879b0941179991f2cac53531df662242d","sha512":"39bd9ec377569325f9d9ba3e34df028217f8a162adc827f8f86b06ed40fb228105cb5f94e6a2f4dd8e5bb22128062e38570a84984e777c219bf8b087ff185b78","ssdeep":"","tlshash":"68018ef8a5c1def79b4b563b0e6c492c718c5680ea1f82c2d72ca0207b402ecb132590","size":794,"data":"","first_seen":"2026-04-28T09:02:56.142354Z","last_seen":"2026-04-28T19:33:27.07658Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/Footer-CTl1tGDJ.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4fb4c87756f120ce745c50cd64d5eaf4","sha1":"ff25d8601492479a8e77f67c5a81f98bfffdc913","sha256":"46c483c25223bce69041c9e05070aff41be924de406d298e84a00a79132382ca","sha512":"85a30fadec7a3dc12827d6e1bd36a241bbc6db7ef89a647e1e1254f82b65fa7bb271ff1aafc47993aa9827b3b53ae2add95fbb055cc485b144997f68eabf41dc","ssdeep":"192:vQvNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGTMa:YvvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"cd321a047973c9f9c6b784b4b8415510f238bfeee56bc85ab3fd890a17ced390a06260","size":11427,"data":"","first_seen":"2026-04-28T18:21:41.023646Z","last_seen":"2026-04-28T19:31:57.531402Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_diy_mm67mqqq.js?v=1782321660","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba54f98d5aebdb5efaca94c8bdd5a31f","sha1":"ccbe0797f816b18b83db680bcfcb57b640bb114c","sha256":"18704aa6eb91ab89c04a3fe62a70db437bec4ff55fa77e58efc220de58ca8553","sha512":"4569cffc43bc8cadaab3af3e443975289d36ec5ab092e8c6b165e1384227aea66dbc27add8c9a75fc8029d0bfff810f38054ffdd26032468f324f48bfd9cb37e","ssdeep":"","tlshash":"2831bb525e99c5721932322a8b3ba228fb311b031901ae033efe57009f31e85aa65ec5","size":1818,"data":"","first_seen":"2026-04-28T18:21:41.051103Z","last_seen":"2026-04-28T19:31:57.585302Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/login-bg-CtTnvaIr.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","size":91,"data":"","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-04-28T19:33:27.06176Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/CreateOrderModal-B65Dh7Q5.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"56c28ca8ca4cfa4f39faca71e4802402","sha1":"c04daab65fb1bde02ae6ca00c0c8eb82d489d32a","sha256":"e937a7e27c3a0bf3e7839783cf1295b791c5723683eef1fde44d7e41489bcb63","sha512":"d98e16f0acb97cbd8a9319cf71180f4ba20c5632260a4322f27e87e1f7d4ed876e77491f56fc5f3735f5d53e215ab7ecb5ee4bfd4c616d7f4ffc96fdbd6fc75c","ssdeep":"384:a5pMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:a3MuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"be72d93c70e0c9be9473d1b6a2cd68244048bfcfc6635bcef63da66415d9ca16725a2c","size":16272,"data":"","first_seen":"2026-04-28T18:21:41.021442Z","last_seen":"2026-04-28T19:31:57.529488Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-Dh-6raYH.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"efd1b099161543abeb15b4c6f3d03b70","sha1":"47abda770b56adf0d8e9d1c816332103a0ae6e0c","sha256":"f55e43ac900c71cf8801f08d55352c7def776a1b1a1cb49e00c41ad0a6c68595","sha512":"9b0fcee1a07721a7ad2e7fe05e0c20cfb3ed5448576c64d28e12f20e0fb38c6af600ff1e8223ab0b7eee3fcb0fb8bbdeb7486baad3a4a37f700c5c28589c1da6","ssdeep":"","tlshash":"5131320d9473cbfc95a391351b4a2168d2947fdeea708bcdf36c14723aca9f2592c640","size":1510,"data":"","first_seen":"2026-04-28T18:21:40.977521Z","last_seen":"2026-04-28T19:31:57.641898Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-BKASD_Gh.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"668f902a4d7e0c09073050896d3d7a6a","sha1":"ce77f3c92376540fa9b074f9081ed0a37787824c","sha256":"e0a2fce2122bdaa5cb515e82a805a896d152bf9782a6334e80e165190b81af5d","sha512":"da6aecd2f3224fab8adb64b89b50edeb80ef5506856f4280dd56d697a4dcca322999bd3e97b01a2638dcb10e5b12d9275440e29bed5315bf2aeb3e8ef0847073","ssdeep":"","tlshash":"3461c5dd78b7f020877148ee507f0636e23a37592408d0d4e01fcd8a3931d6ab2a7e29","size":3235,"data":"","first_seen":"2026-04-28T18:21:41.044753Z","last_seen":"2026-04-28T19:31:57.550121Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/filters-DMioBfPm.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8e54e10a264e5f1961425fea054079c2","sha1":"c129139d07eb9f706189ed0b9d3492b5ed5a8fb3","sha256":"da335758cf42618d7a30d361a1be6005b34496197db61d0f4a151f8e2b6ef046","sha512":"66b760ba37029bf850c9f06d10e10aea133dd761181b9880a0adc5fc04a1ea570a2f91727935b51c5fae975b6a71ece790e754822037d741af39c24597148ddb","ssdeep":"","tlshash":"1f118ba995c6c67b02fb88c8514d418768e87f7cb00e4b62bd64f11635a1090f4ba393","size":1046,"data":"","first_seen":"2026-04-28T18:21:41.01389Z","last_seen":"2026-04-28T19:31:57.600315Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/loan-DF3MCu-C.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ddf7d04a79d3e54b130a1a1613028354","sha1":"373af051d949659162d117d3020081816e54fb4b","sha256":"c23235cce4eee55b13caf5ce5773eb32d168d7039fb925673c2292636f71bc25","sha512":"b93af40231906af5b637f6344c19a1de94c54a4325ddc8748c2d0b27de063109f4d181183897c2e481c586e604a61272f89d23ab5d8aa3afd2aca134886f1bf0","ssdeep":"","tlshash":"cdf04cd6fd079a7f9135d23530923d02b43b9634def614702f16d4278b2c0c82717940","size":580,"data":"","first_seen":"2026-04-28T18:21:41.053552Z","last_seen":"2026-04-28T19:31:57.630552Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/SetFundForm.vue_vue_type_script_setup_true_lang-lRGlTQd1.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8b3cfd153907ef3c30d1ef160ef45fef","sha1":"13ccb25d2edfdef0edd9d2c96971bb459ae61119","sha256":"509ebe109f6b1e25530a9dbe4947a2cd228e82ff583a9010696b7a513807265b","sha512":"907053ff19210cf84e5c675fe553696751e0af48a9e6ca0b1a60cd1e2145443a98cd50f33ff7949532c3c752e4ed8fa48dc6f0dd9f212832a918c75427e799e1","ssdeep":"","tlshash":"1651340d24b2ceff26c3a238224e6164e0c87fcfdb309755b66d447226c99f52619a55","size":2673,"data":"","first_seen":"2026-04-28T18:21:41.03452Z","last_seen":"2026-04-28T19:31:57.527777Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/TradeLayout-C7QLTg1W.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c956c6b5c4ff0a1a9cf3fb6f95f3a2d","sha1":"1f82bbddbbfd5f9085fe13c992fb777f98464be0","sha256":"663b5a25017eef4e43bea6d82d99aa4a25d617ed4d1cabb0f58987eb13410789","sha512":"c7d3f8bfa58584cb3fe8e96a88beb9770b729dc8241720f143fbe3ff067eb40c5f9b5bb3ac7d44dc071d34da33e20262a0bb69ac5fcad42dfd617589513b6d51","ssdeep":"12288:aUfzUrYtI6HC2J46SIm/ZGUjx7e1Z5vqgEa:aEzUrYtI6i2J46SIm/ZGUjxKNF","tlshash":"d394e5847162e53993f391b5106a0401e3297f89b006c6adf27dccd73e9ad9a71baf34","size":416000,"data":"","first_seen":"2026-04-28T18:21:40.982479Z","last_seen":"2026-04-28T19:31:57.634431Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-CNIA2a1D.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"47aa90115bb110957870564106ed5ec0","sha1":"815fc63236bf954ad26278cab4f19ad19567aab3","sha256":"c0d2768d5fb721527dde433a1584a6ced2ed0a8bd6f72c08df6c8abe6b5d1200","sha512":"c144e3968c6ed4c0c11c0b3bf6546f77aae9e3f48c5a05d02fff8b8a682332f7f03c6298c93d15409480718bd8d08464423c6afbaa67788b5ae96b925305a4b2","ssdeep":"768:2w40rUC3AsTTEHfjiJo1DHpIh9RzpsSWGhC19pLln0X3fcUgkKq93:Y0rUmAiGs+19pGn","tlshash":"cc23832cb012cfbe9653193162ad2994e1497feec516c80af1bd18233bc3ff05a56765","size":47697,"data":"","first_seen":"2026-04-28T18:21:41.005831Z","last_seen":"2026-04-28T19:31:57.624864Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9e3916b922f6e89fef56ec3d30fc24f1","sha1":"39864de2655e9cb05aaced549d399ec6f768b050","sha256":"77f19f933dfce820e9ab4507206207ca46964edc5224fba3206261d74a3b0757","sha512":"4e9b8d49c5ddadee2aad4c3ecb9f204d9d56efe210aae8a58286d5ac9ea82affeb77751ee5c7408e6215eaaf2e7c698304bcfc43a13ff57e0ff55fd4b8fc6eea","ssdeep":"","tlshash":"04f0e21a52b850b4117bf33d738feb81363200c360489f513d1c5f840f6043846a1b96","size":518,"data":"","first_seen":"2025-08-26T17:46:37.312801Z","last_seen":"2026-04-28T19:33:27.114801Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/CookieConsent-B_fcJp-l.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"d7e9d064e01d80e5f6e29b6fe4ccdac8","sha1":"420439dd8aa598c188ba14215182d2f615f9f30a","sha256":"c11d3166913738d152b148a2ceda84ce239ae942666ef7df5d6e5d4d2649a8e5","sha512":"8830411b4c6e7fa87913c7f2869ea9c4dc5649b57b6664b15a90f6a45810122f17732d43ac4d2cd7eb22848acffc9f2f38a96abc9d6d0dd38db7e9583ae9ef62","ssdeep":"768:Vf5jwT5ISSBGZo4mrwDS0yIpdmjriD62bnPexJ:4eVsmrwTpdeiuR","tlshash":"f6e25c05e806eeb9d7f31634744a7168a4387fd9c25ac47aa3bd85232bc9f728763314","size":32677,"data":"","first_seen":"2026-04-28T18:21:40.995786Z","last_seen":"2026-04-28T19:31:57.576405Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"obais.vip/assets/Low_4-Br3Z_v1E.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Low_4-Br3Z_v1E.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-145a\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5ZKMxsC79ZgbQAkj21m3NY%2FtO1yHTJNUTb8i6KCSp9EapVyxlarVCAr4TKdT9AE1SX9qi047yc8EEFp%2B6cmZz4zdj7nDDEYWUPyCs46EOClIR9VVJra478N1vaQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8bc5f0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5210,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"95b8e27073c3c6e483b1a0609d083f9f","sha1":"2c4ef32b62fecfcb1cf70e0676f088c54a7d5fa7","sha256":"cf0f9d03ca1dbadd2bf8035de500cd44cd22693a30f552beff3c1ca19b014a5d","sha512":"bac6e493131b8b30a759e54276893c3544058d4a2540b7672013d49d5e2b3b6dd2a6ac21982e11ca156f7c7e0d8e2812b751cd6e3f8d1ac6189da8dba35c5a08","ssdeep":"96:8OSB6U77P8HDm2GqvjYUZKKmqVvLf8vPI1nlr8HznVGkvarcO12ReC5biF6vh:8OSYMPoDm2GqvLKKmqVvLf8vPIdlkEJ+","tlshash":"65b17dd37a01d0832e56b85bc39aeb609963344b87126a04edb1edcc1496ece0fd4ee5","first_seen":"2025-08-26T17:46:37.277551Z","last_seen":"2026-04-28T19:33:27.091872Z","times_seen":65,"resource_available":false,"data":null}},"time_used":661,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":661,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Frame%201-BB-vAyLS.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Frame%201-BB-vAyLS.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-1384\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XX1oETq5%2FjPwz6PEefHQKIJ5E9eDcSPqvELvqkk4p07I0QBVPmYQDNgUbIxDdkk6hWVQ1kaBbncU6HP%2Frd7x3jtv9TwSFACeLFIE3ofM1dWj4kHMG2j%2BB2c%2FvqQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ac570b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4996,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"adc6a06c56ada71180d5f6aaaef2682c","sha1":"11752acaf2f9bafd7a0187cd635a299c300ec55e","sha256":"615b199dfbd53bdf6eed13bdbad7e1bc63c9d6b47b5b3941f941b83dc671390e","sha512":"766a04843d059ddfbf1e13d3b5fb00aaa98551e7db75dd84822a33ec3f3194246bc22ca8cf92a9e32f8c055670223d16014b146fc1b8344338d1941879c8b1cd","ssdeep":"96:8OSV/Ycg/JRPrmxexk/17o8HtfKyk4EW+DSSxyyd+WZe3pZ4ftOv3SG:8OSVQcgxRzO441o8NfKlbWUxprQ3pUtQ","tlshash":"31a16dc057e402f8536010362bd174af8997fced76372e8db098e37d22585a5909ecb9","first_seen":"2025-08-26T17:46:37.234646Z","last_seen":"2026-04-28T19:33:27.095875Z","times_seen":65,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":566,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_core.js?v=1777400756831","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vip-cservice.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 03:55:20 GMT","end":"Sun, 12 Jul 2026 03:55:19 GMT"},"fingerprint":{"sha1":"70:AD:9B:85:F7:23:F3:E9:2B:B9:45:E1:ED:B5:7F:59:66:D0:A8:3F","sha256":"56:74:48:8E:C8:62:AB:54:11:1A:5A:19:3B:69:28:EE:A0:49:7F:0E:30:DB:25:6C:9C:BC:38:2A:34:BD:BA:D0"}}},"request":{"raw":"GET /js/ai_service_core.js?v=1777400756831 HTTP/1.1\r\nHost: vip-cservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 07 Nov 2025 06:22:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690d9033-44d2\"\r\nexpires: Wed, 29 Apr 2026 06:25:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fuH2dbO8Be%2B13o3CeGup90iZ7KvF%2FnwEB9FFP6RpL8x3LXjkQucIVOzlB%2FTYTNQ1tpDuNHjc3YkG5IsReQaVEx1A7Rlax8x4Xs0236Z7ct0ZAN6SKOmKf96XL8w3qUjAJ26a\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cca4e7256b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17618,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (496)","md5":"f18eea0d33964edbd612d61f5713fd75","sha1":"93dd1f6594dcf0f7cbdb44813e4c1f2072961533","sha256":"1bc28f480d9acf22346a0cc22379fce4b7971d6e647a55de5919e641db5cc597","sha512":"5cb694ca839128e6683a513174761ccf1c4147b28d130dc1425112756d81ee61a2c65baa2272e8284264a53ba658a4f77c1753291163dcc4fc5745b0538c5931","ssdeep":"384:m+6aLTFONgSMQDbHer4p7JCA8GaHOdRUHYAnUjZpeZgy4F4Syec71gAQ77/ZMTtY:5xTFeMQDbHer4p7JCA8GMOgYAnUjZpeS","tlshash":"a48241abebbb10724457b4368b9f268435268013294cde203facded04f52a675317bf9","first_seen":"2025-11-30T14:17:39.769051Z","last_seen":"2026-04-28T19:45:58.085448Z","times_seen":80,"resource_available":true,"data":null}},"time_used":594,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":594,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/login-bg-CtTnvaIr.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/login-bg-CtTnvaIr.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69edb8e1-5b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PP7UPQcMr8zyP%2FYFn%2Fv7tE8YryeCYGj24OJvrLOpTTuyRsXr%2BMdNzRCUfZ34RNxEYQ7185sZA2AOexTESyhUpvO3hiiFnnGE3DAXRoJTh9%2FwCZRNqezDYSdpNwM%3D\"}]}\r\ncf-ray: 9f381cd80d130b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-04-28T19:33:27.06176Z","times_seen":50,"resource_available":true,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/CreateOrderModal-B65Dh7Q5.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/CreateOrderModal-B65Dh7Q5.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-3f90\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wD63Qeu2glKt%2FeKZLm9IHp%2FYGQ4jEHYYF72mcKWOFmX40YIVQKhXAk%2BfH91pDUzfMKbpYmFBE6%2B1SY7lwRdJ%2FPrc%2BoSQ5TRo%2Bftas42L6wLnlcEGVFMISpH%2BqLY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd83d1e0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16272,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (16271)","md5":"56c28ca8ca4cfa4f39faca71e4802402","sha1":"c04daab65fb1bde02ae6ca00c0c8eb82d489d32a","sha256":"e937a7e27c3a0bf3e7839783cf1295b791c5723683eef1fde44d7e41489bcb63","sha512":"d98e16f0acb97cbd8a9319cf71180f4ba20c5632260a4322f27e87e1f7d4ed876e77491f56fc5f3735f5d53e215ab7ecb5ee4bfd4c616d7f4ffc96fdbd6fc75c","ssdeep":"384:a5pMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:a3MuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"be72d93c70e0c9be9473d1b6a2cd68244048bfcfc6635bcef63da66415d9ca16725a2c","first_seen":"2026-04-28T18:21:41.021442Z","last_seen":"2026-04-28T19:31:57.529488Z","times_seen":6,"resource_available":true,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/crypto3-Bi713gOj.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/crypto3-Bi713gOj.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-b011\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QAkUs0Hk41ZXoGPv2MqBwWBmSdkVJ6Oxhoe8B0%2BuYZX0zRJlZyGDQdzq%2BMXD3cO2uOX0g9TjeVBvRXVY%2FKjQSkVOaIU16zXzsLokbspjkLkgR1CYUgIHFpKbsEY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc87c520b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45073,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"7401918092026d21dd7dabc67295ef49","sha1":"53db5a70917874eaeed05b2e893bc51c3333fb5c","sha256":"5614ba3ba38256cc9cd354af165e23840713bd66181a33aa47b5746910dc45ae","sha512":"4875d2e3900f88a580d44720a02e6e934421dad709765ea34858f5a611c080febbe525fa52ee4f9d32fcb0a6e07bcd3e4243b43dfa2a737ca3f7659319bdb3a9","ssdeep":"768:lCCSfM5x3ifgWTfcVXTIae3k4NrUnRsK3rFh9WhT0v7zIf+B2ow:1SfM5kf/0VXle0OUnyK3gTPow","tlshash":"aa13021e41a4b5b23e0fbf571c29db00d3a7e7d58613da17c9d6855846050da31acefc","first_seen":"2025-08-26T17:46:37.219207Z","last_seen":"2026-04-28T19:33:27.064448Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1004,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":807,"receive":197,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/common/getWhitePaperSetting","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"OPTIONS /api/common/getWhitePaperSetting HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:56 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6NyQM%2FOb%2FlYjUrYmoeuXT8NY4gOZet9YY%2FIl86XgAx5Yv8AkvxL5UOiRzUEB2ie6lpa8OEJSAS7%2F%2BNsFQJdyJAsRPrhMIExvyFHIK89TL9EOZbawpQlBbPJtBPbdIP%2FuB6%2FHhJs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f381cc90ac876ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T20:35:18.51264Z","times_seen":14440285,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/TradeLayout-C7QLTg1W.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/TradeLayout-C7QLTg1W.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-65900\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fo%2BqTZ4eVgI4Vjki3Q7lpztXLRU6UZQi5uOIG9Rpd0O%2F1frIAx7HwRi1tCUy1mPKaOetyPnH%2BGDahnC1ra%2FrBJ9gLA%2BA%2B5z2sVZdZfTp5fXrKzHc6Yx1EV0JC%2FI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd97d310b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":416000,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (48052)","md5":"9c956c6b5c4ff0a1a9cf3fb6f95f3a2d","sha1":"1f82bbddbbfd5f9085fe13c992fb777f98464be0","sha256":"663b5a25017eef4e43bea6d82d99aa4a25d617ed4d1cabb0f58987eb13410789","sha512":"c7d3f8bfa58584cb3fe8e96a88beb9770b729dc8241720f143fbe3ff067eb40c5f9b5bb3ac7d44dc071d34da33e20262a0bb69ac5fcad42dfd617589513b6d51","ssdeep":"12288:aUfzUrYtI6HC2J46SIm/ZGUjx7e1Z5vqgEa:aEzUrYtI6i2J46SIm/ZGUjxKNF","tlshash":"d394e5847162e53993f391b5106a0401e3297f89b006c6adf27dccd73e9ad9a71baf34","first_seen":"2026-04-28T18:21:40.982479Z","last_seen":"2026-04-28T19:31:57.634431Z","times_seen":6,"resource_available":true,"data":null}},"time_used":892,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":532,"receive":360,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"webapi.oba97is.com/ws/8b4de228-17a7-4fc8-8bdc-b7f34a4dc1a1","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"GET /ws/8b4de228-17a7-4fc8-8bdc-b7f34a4dc1a1 HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://obais.vip\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: j/QgjHbBw4nHA+Fb5nZz6A==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nDate: Tue, 28 Apr 2026 18:25:55 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://obais.vip\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: Uvz8u6EcV0G3Cn5M4ffySqK+fzs=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=1P2Q8dZzM4pyiisECEMQhOj2KmthE%2FfgGk9t83QgiTlhmcwaQtWT2mGk56M3z8F2vYnVBNnuCMCqsPs5bxhqk5Vus7mfNmVzURtQU%2BdFuXnuggLe0gBneyvtmerhU92%2Frgnoq38%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9f381cbcadbc56b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=536\u0026min_rtt=500\u0026rtt_var=162\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3114\u0026recv_bytes=1193\u0026delivery_rate=6928229\u0026cwnd=53\u0026unsent_bytes=0\u0026cid=08522302d5ebecad\u0026ts=604\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T20:35:18.51264Z","times_seen":14440285,"resource_available":true,"data":null}},"time_used":643,"timings":{"blocked":-1,"dns":18,"connect":18,"send":0,"wait":589,"receive":1,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/CookieConsent-B_fcJp-l.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/CookieConsent-B_fcJp-l.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-7fa5\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LXTHLNqqpDjTMXvPijL2Mm1HBtsY5Btrf0xWEKhdbT06NFFfEODs%2FvWqFxOLqPMkxGjfXfDfXYdeFcO17VlaWGFc30p5IpjbybhMhVA59i0soz8fYzI4YFISo9c%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc2cc030b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32677,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (28844)","md5":"d7e9d064e01d80e5f6e29b6fe4ccdac8","sha1":"420439dd8aa598c188ba14215182d2f615f9f30a","sha256":"c11d3166913738d152b148a2ceda84ce239ae942666ef7df5d6e5d4d2649a8e5","sha512":"8830411b4c6e7fa87913c7f2869ea9c4dc5649b57b6664b15a90f6a45810122f17732d43ac4d2cd7eb22848acffc9f2f38a96abc9d6d0dd38db7e9583ae9ef62","ssdeep":"768:Vf5jwT5ISSBGZo4mrwDS0yIpdmjriD62bnPexJ:4eVsmrwTpdeiuR","tlshash":"f6e25c05e806eeb9d7f31634744a7168a4387fd9c25ac47aa3bd85232bc9f728763314","first_seen":"2026-04-28T18:21:40.995786Z","last_seen":"2026-04-28T19:31:57.576405Z","times_seen":6,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Frame%204-BZFoet9Q.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Frame%204-BZFoet9Q.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-1661\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SWnuK4t1%2BWiqwClIAO9jFhPJ3Ptrj07IvQa4dcKWBycRvuwC9PUsmooHigPKCVRJ1j95k1WabqZsyH2HZ5IfN9z2d8pv04oz6SEokUotNJHSQLLM70NgPwf8hG4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ac590b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5729,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"c3db4e6b3340b588b927ecd0c523b863","sha1":"c2809f25a9992e45976739f32f2e9cab161ea7df","sha256":"46350bd8be7e27ea772bdf49836ce87165677e03ef1386f4660e01564dd42150","sha512":"3911815d12f41f1fc178e72f8a33ea8f9c481612f4c62a35c3a6a4cedf050d97cdfe8c31c8639e40c133b3a94a7e3270a3c983a54a734aff2951d6362e90fcb0","ssdeep":"96:8OSquQsKe1aEHC7jPd6PP4UF9Fmk5GZZu+khzgHkAu+Wg2u6:8OSqO9kc1NuofAu+Xp6","tlshash":"f6c1aec532f1afabd84b0c3490d67ec763ee8a5591768e0bb325a093e02e8e0120d875","first_seen":"2025-08-26T17:46:37.288981Z","last_seen":"2026-04-28T19:33:27.096424Z","times_seen":65,"resource_available":false,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/index-bg-Cig16shZ.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/index-bg-Cig16shZ.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://obais.vip/assets/CookieConsent-BKtXZsW6.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-b2fa\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hq2x6lTvTcnUo89Mhh3NI6QM8bZuJDEzUQ38mqJ%2FUaP0fWp8g7SBmufBHjGGmvWSkEFSDOHS1oELIhva7rKHdTwzrqUY4Ldg0OnM%2F%2FONqujA7L9VAliH%2BcmNe1I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ec670b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45818,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 706, 8-bit colormap, non-interlaced","md5":"c09495fae9b3b9afa21e4f85338186f6","sha1":"de7e184687afed539def40fcefe0e9315596e07b","sha256":"6e82c55cbd0ee19a044a5ec37c31769eeb6e168802c661640cc683e6b3e8733d","sha512":"8268075ddb43eb44937d88d3542d2fa595f0896f76c48ff52786673de1b486274d13880754df9605fa3b303bab65dd5bb02ca5bc33e88acda64dccbf16285fba","ssdeep":"768:A6+sg4W9+cPJlO1NctTpA2+fzAJjIaZjVcpjO6X0BvRURf0hrv4llB+86HFhekx7:7+sg4mnhlO1NUdAVfkJsdNS+MHe0r1PB","tlshash":"d523f20a976dc409b8497e7d8fa48700a882cf97602d873d7e913a1de938d534f89cbd","first_seen":"2025-08-26T17:46:37.246586Z","last_seen":"2026-04-28T19:33:27.097959Z","times_seen":68,"resource_available":false,"data":null}},"time_used":935,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":753,"receive":182,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/Login-CJaDuv44.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/Login-CJaDuv44.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-2d2b\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WbeWdwkDrLG8wldlnxUjWFkun%2B1RFRyefPI7V%2FOQRHL4m%2FiE9emopznytCPOw1aNc53LQQDm45m76i8ojID4Yl%2F29nMcKTts59T9Oi%2FtJMme%2FMqTLY5AePEHQvU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cdbfd4f0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11563,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (11556)","md5":"2131fd9e8c14774c657d5d4617005846","sha1":"cf886d3f3dde104cc83a40d58815236d1dc8ff7b","sha256":"21efd98a6c5bada99a5039df8a385bc7a69794755879c679dec1a98418046f92","sha512":"fe7e33697a1c90972829de57b37649a839ffc37a14a9a51f64dda2c1bcdc4881c0a13763db63707ae70ec3fef9f90697d8d6d0825fa05db2e4293aacb9c914ab","ssdeep":"192:5MT3VEYQNzN+dNWNTpknH3caQKkn3ELqKDN/5qxBy+d7PEwjNwzPZdasQWQ5QUgh:5ZYQJIUBoL1Ibp9JyisQWQ5QbDFHiq7H","tlshash":"b532b6c8b511abf99bb30825b6047935b4185f99c067c48ef3f84c317bcacb66a24379","first_seen":"2026-04-28T18:21:41.077914Z","last_seen":"2026-04-28T19:31:57.522997Z","times_seen":6,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-BDNalPlv.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/index-BDNalPlv.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-2a457\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5FNYXbresUvGENE3c3AEitJEce6kYnlzpq0%2FkiOzD2dm%2BgMVuHXbO7rDJqYcBGll6u8jxQdq5S0J18ktJ%2Fn0TCZQwQfi9GjosfVEoKiCI1bsJ%2Bd4k3NjKlIXzXY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cbd0bb50b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173143,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"1b89a06d58d01ba93f988507af24066f","sha1":"7c263b4489a4e742c3bce9db416fc6c45b99fb9a","sha256":"139273777b995f60d5b22ebb4d425dc9b1e682f3606456b557f3fb1c99d76d07","sha512":"24d04eb5457ae7e061420dae2c204266e905c9bdd432c24d2643af9fa19cc4566c96b889e7c16dc3e617918fc37352403ce7356940d728d04e49db097ca1ac1f","ssdeep":"1536:69RhWl5TRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8n/:sRk5jTG8ralELZFOUnusSQilqw7ShHTh","tlshash":"af048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","first_seen":"2026-04-28T18:21:41.025411Z","last_seen":"2026-04-28T19:31:57.532223Z","times_seen":6,"resource_available":true,"data":null}},"time_used":885,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":711,"receive":174,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Low_7-MbUCZvwK.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Low_7-MbUCZvwK.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-1434\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eCQdXbTjqq699jpf3dHvUUjLJ0EeWm4GKK0eUpst3gvCJphkob%2FFD3hZB6SpIGSAsp0dL7QJHGNwr34F0r%2B6VCIYo0hA3P%2F5ceKrRk%2FgEs5Id162tdAfZRDmJhw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8bc610b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5172,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"e38075ca6aec6851335c8a616c6f9496","sha1":"8152c7c77e00e84bfbf7d6f39fdded8ca7ef7c26","sha256":"6a3049f60479030d5b33caf22b842537e58c8dc871bcdfc6db2662c4edd005e1","sha512":"e5daec0492c9a3d5190d6722f142b72b6e855d97ef773601fdf8357c498ac740e7adec9a209221dec86b9d9ff6c5f4b17d729e80598d76ce858827b966aea75b","ssdeep":"96:8OSiMd9yT+70vrsi4pKQsMRjUUBdFvVhLf8Rbk/6jJ5qVVwVMUVycXg:8OSiM7xq/cRjUUtLURb7jvpMYXg","tlshash":"33b17de6e9f51f410ed83cb149fe70aede5bc07960a27e1c3468aaecc5254e38ac0941","first_seen":"2025-08-26T17:46:37.24529Z","last_seen":"2026-04-28T19:33:27.097026Z","times_seen":65,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":585,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/index-bg4-4HzhR67G.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/index-bg4-4HzhR67G.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://obais.vip/assets/index-B4CX758G.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-62509\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KyKquBWnoPNcjaVEDLypyMqVA00gq1%2FM7mKT8XDBvAw4glR9xfSVIZXtLPWNcHm4AYws5z2PmHZzJse4a2iFCcVwN%2BWYmu8PWVDn%2F0vMru40J3mT78HEOI65enY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ec6b0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":402697,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 605, 8-bit/color RGBA, non-interlaced","md5":"e8d59ec576c7863d0a1634be119a9dd9","sha1":"904d9420707d71bcc8fe96d4bc3efd7bf6788e6c","sha256":"9946dbdc4e1830e4d974e4e2306b02eb2840791ae4fc3bfe803405261e8dffcc","sha512":"d7bb56461ed1d44c529ade4434da8ab75e6aba1771b1d76fe4ab4fd43edcecaecbc0a4fad78399b05d9a68a5df695e51e97e979462ee4c838c0dce1526be9695","ssdeep":"6144:LF22gP1p/A7+eFVOe5FE/FplkZ1CAauYMx7pHdxmDMbMzxMuVV58p3IDzZ:LK/NA5FwlkOArYMpxmDMIzjz5PzZ","tlshash":"338412c483210832ba90ee50b5618990d0282db7b405dd7517c7ff836777ba9ac7da9b","first_seen":"2025-08-26T17:46:37.261835Z","last_seen":"2026-04-28T19:33:27.089644Z","times_seen":53,"resource_available":false,"data":null}},"time_used":1385,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":793,"receive":592,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/TradeLayout-BTMc_JE1.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/TradeLayout-BTMc_JE1.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-dfd\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=usGRTzLEDo4srbF9fGNtwxpQTiEw5URb%2BHnoKIs7wgc2MQ2LdPwsIdMFfpnn1k6oWXKa0DMtf90ENvBd7qJKHbfA%2BChm2HraERN1t0IYAO5yzRhMbimwB8y58xM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd81d170b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3581,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3580)","md5":"cbe8079071511f7dbef9887c65a22633","sha1":"0d3747d1cd96101fe2650bf6df0c13824db92a24","sha256":"3cc2da2d3b05c1a5dce153e990c1d34c9a5d266bf26b81cac4b06cb6f5a05ed8","sha512":"55fd82cb49bca96aa12040e0f3e8ee90f83883734b89510bcd9882a0604545160cc6d508610ac884f914cef01e8f4f3d5d340731d2e1b54f045a1d8dcb24f398","ssdeep":"","tlshash":"ef7143aaa11c20686273f986e6e4429d110ee343f76609d6b3407dfd8bc37fd2b75086","first_seen":"2026-04-28T09:02:56.097256Z","last_seen":"2026-04-28T19:33:27.092867Z","times_seen":11,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/account-sgmtbgDy.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/account-sgmtbgDy.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-450\"\r\nexpires: Wed, 29 Apr 2026 06:25:54 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ePvfhQJDeq0VNFK%2FgPTiL4JZ1UfBIEPDLXSgJbvRcs0pbs%2FiV1esA%2FHbUnPe%2FYEZBUBPNs%2FUYcqBKas59j2BmzA9r4Cf9Rvx6x61HsZDZgWtvqtJboOCj23XYLI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cbd2bb70b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1104,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1103)","md5":"9b706027ff221a2a9cfd654a4127712c","sha1":"eef4922ec1325a2d9cee9d3416d3e389f765471a","sha256":"90246325c6f44d9c864faa183860b28f2b2d8245527e317eb2ef818d2f6ec4bd","sha512":"f9696cc0415102e9df5f73eef296fee20d5ce0bcf99c14cbe8cc5b83ed0befb21610cfb53b222663455c8fcb37b75cebbb8254f7662e348e568e1c941439e26d","ssdeep":"","tlshash":"b011078a8e8e52f7f7b0be1260d02e03c01b6fb5ada24472f02d957751fd484c52db14","first_seen":"2026-04-28T18:21:40.985479Z","last_seen":"2026-04-28T19:31:57.644317Z","times_seen":6,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/phone-mockup-CPfpb_e7.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/phone-mockup-CPfpb_e7.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-3fdcd\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O67s3MJtlkFzexZS4j0fuQSYXbw8JlBvX%2F4xPbjt6Dn0ukzssnIRXluupZhlrU6D42Fkvkm%2BQZshH5OPiiwCb3ITH3As%2FEwDYOgx3ksuJGYHQr1N9DsmzzucTCU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc87c4e0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":261581,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 520 x 1073, 8-bit/color RGBA, non-interlaced","md5":"3e14c28536628aa6f2daeb570847935b","sha1":"bec850de8e78d4e079df7a63669034ab9c2d742c","sha256":"95d3880d87d433ce0dfcf6e01249aab632f918094f177d037fce4f81aef5c548","sha512":"9eae404fdda53d8675ffb4328692d0c35a3db0269be1b1da73b0a5f1845060804d556123b2c4788f19c662af2a91ff45ce21e0af960b8ff8101495cdca47e63d","ssdeep":"6144:4WW67gM3Q5ss/10nRyw5V46IhmxEopl80:HWzaQ5sQ0Q6Xp","tlshash":"184412f4b20ae26d07969938ea0c9b45d656c3dfb08b36baf98f5046259ff314479c03","first_seen":"2025-11-30T14:17:39.769779Z","last_seen":"2026-04-28T19:33:27.0997Z","times_seen":30,"resource_available":false,"data":null}},"time_used":1338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":771,"receive":567,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/TradeLayout-C7QLTg1W.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/TradeLayout-C7QLTg1W.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-65900\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gNv7CRU3n%2FBnXpngIiI4CFjL3ieY5PsLJxtKKjQsQDxU9eEmBobMYk2wsZg3SjTpKDg0ifBBcqihkgAo9wrO04u1C6oc7HJBujh1YTrFZBb7KzaUu9olnipCu24%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd82d180b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":416000,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (48052)","md5":"9c956c6b5c4ff0a1a9cf3fb6f95f3a2d","sha1":"1f82bbddbbfd5f9085fe13c992fb777f98464be0","sha256":"663b5a25017eef4e43bea6d82d99aa4a25d617ed4d1cabb0f58987eb13410789","sha512":"c7d3f8bfa58584cb3fe8e96a88beb9770b729dc8241720f143fbe3ff067eb40c5f9b5bb3ac7d44dc071d34da33e20262a0bb69ac5fcad42dfd617589513b6d51","ssdeep":"12288:aUfzUrYtI6HC2J46SIm/ZGUjx7e1Z5vqgEa:aEzUrYtI6i2J46SIm/ZGUjxKNF","tlshash":"d394e5847162e53993f391b5106a0401e3297f89b006c6adf27dccd73e9ad9a71baf34","first_seen":"2026-04-28T18:21:40.982479Z","last_seen":"2026-04-28T19:31:57.634431Z","times_seen":6,"resource_available":true,"data":null}},"time_used":1104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":744,"receive":360,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/index-DVDB19tr.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/index-DVDB19tr.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-7a0\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xkxArNFktxJ8gDsYnjSHYkjBEkvWG3am1NeG4%2FbOW5iX9gk7aCZ5Q9jB16c1E%2B8YndPFjQR0ZKC%2B%2B1WQONlzLevvz8ykoCjkuhcYJ%2FXCNr6VnYmgjK5116VYrWY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd83d1b0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1952,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1951)","md5":"89191b811df150c9969113250f2551e5","sha1":"c2f39b8a6c483854c4e3fc8ebfabd375a7163cf7","sha256":"5d2dd18d1bd08551510c2b0db276431390363510202618e6c58748dd7ef1b7f9","sha512":"a1333f5e18b08ec494bad0c2599d83567f83e93c68cb80cd895ebad27f484cf573632e62f505b78d41e2a70eecba723c337b0af58cff29365043b0668fde351a","ssdeep":"","tlshash":"9f4133e2a195129d33bb8c319596b61ea319a1c3e3d00ac86357776c6bc3b9b1dfd004","first_seen":"2026-04-06T13:22:36.402457Z","last_seen":"2026-04-28T19:33:27.086503Z","times_seen":23,"resource_available":false,"data":null}},"time_used":561,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/filters-DMioBfPm.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:26:00.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/filters-DMioBfPm.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:26:00 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-416\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X4XSJHuLLtS46u5TcMK6%2FjmGqe2lwH%2BIXWpJ9shUzP%2BE7u0VCOhn97ZgVuh4VgYPW0yJu8aQJ6TXdjfR8jC7Md5FDnJC8QM9QBEqNHMDjbsaU5RQCO4jk%2BGdmZM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cdf7d7c0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1046,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1045)","md5":"8e54e10a264e5f1961425fea054079c2","sha1":"c129139d07eb9f706189ed0b9d3492b5ed5a8fb3","sha256":"da335758cf42618d7a30d361a1be6005b34496197db61d0f4a151f8e2b6ef046","sha512":"66b760ba37029bf850c9f06d10e10aea133dd761181b9880a0adc5fc04a1ea570a2f91727935b51c5fae975b6a71ece790e754822037d741af39c24597148ddb","ssdeep":"","tlshash":"1f118ba995c6c67b02fb88c8514d418768e87f7cb00e4b62bd64f11635a1090f4ba393","first_seen":"2026-04-28T18:21:41.01389Z","last_seen":"2026-04-28T19:31:57.600315Z","times_seen":6,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/platform/obais/touch-icon.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:53.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /platform/obais/touch-icon.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:54 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wepNtowAebj8hNNZBs0GZnViG6G%2Bz4CiH2qriCXCaKFEok1YQAuM7MiphME%2Bcl6o%2B0Q1mIbG1rSuYn%2By%2B%2BZrZtXVLEQLslrf3AFLWVFjfWxDH9c1nUtn3pLikUg%3D\"}]}\r\ncf-ray: 9f381cb67b4e0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58296,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-04-30T19:13:24.023012Z","times_seen":11110,"resource_available":true,"data":null}},"time_used":884,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":712,"receive":172,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Frame%202-5VaDbG1-.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Frame%202-5VaDbG1-.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:56 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-1656\"\r\nexpires: Thu, 28 May 2026 18:25:56 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GpmepUW%2BrZspSOHWhPoewTL64IHwMf2lLaHatKiZOHVxz4KlDNjvUhn6RpLIwm49D4%2FFZ6KoJDuElbFvC4e6OElmPFsHnxTV7RGJYotTXSFryXhdI2kdrsgwn8Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ac580b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5718,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"5f758e18ae5e7982ead7774e8a97ef13","sha1":"a304ce7a8d6956e37c1ea3d82f6f973eb8233e90","sha256":"d2655ed85d2e3cf091024f70ce46667738e6b870ad988c9a5f8b12b0d0313951","sha512":"b3fbe74ead16f03b6546cf946a1618a78bbb6e55cc45f88c75373d12ad1de1ee4175b3657e90db6157edbee31e568f92c55f851db5cd548b8b1e79d28ea1440d","ssdeep":"96:4Sg5i+RYQPkBi5/bYtii54JP9UN/z+VVyxhSxlUXIiHDo+/aAX3+v5f9C+zEJ/Ot:4SAGxBc/vrGN/m+Sxa4Ao1A+Bf8tGl3t","tlshash":"39c19f8863f4c66000a04169a9d1c3af560cf5df01edbf947045a1d518eced6ee26efb","first_seen":"2025-08-26T17:46:37.251652Z","last_seen":"2026-04-28T19:33:27.089145Z","times_seen":65,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Low_13-B2HuoVrN.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Low_13-B2HuoVrN.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-10a6\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LyEZRu9GmAf593P82LWQriOqy9gsP%2B2QuLsF4cc%2Bd5isd2y3zLIeJ65P54MSBsO1sq97aN%2BICTzAOzOLJiIkYdL0HXP62ULjvGSbrwdqdJRkuLyhbafGBd0iaBQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8bc620b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"1e225322486da698930459293f9cdfcc","sha1":"09ca6066e08ce08ffc2a2d04b6d14d9ec9dafe64","sha256":"8151a3f93d70e3de89de9c9e95e0bf697d1a7f541d1734ba9df79ad7c58762a2","sha512":"bf2418af78b8d093f7560802048801899d09c5a7563c91d2d419020450598059f4ac777e7437e55c1b4ca37b71b92faa1cbd119a448b1cfc42b130a0f5986d08","ssdeep":"96:8OSWmUdZeggw367qTNvFnH5FaIeZAPjseHGYderXJNHNaw360UjtZ1YttBU:8OSWPZbjH7aF+Pj9GrXJNUwK0UjiZU","tlshash":"a8914dccd8d52f85aeed6e6ad4419b55573e1dfc9c149d8a34b0884a9c4037cb120e6f","first_seen":"2025-08-26T17:46:37.269188Z","last_seen":"2026-04-28T19:33:27.110559Z","times_seen":65,"resource_available":false,"data":null}},"time_used":561,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-Dh-6raYH.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-Dh-6raYH.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-5e6\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E2QCoVQjvfkSwx40Fe1E2xQIQ%2FrZyLc4nk%2FnffCu8XdWkzRZdAX%2B6fE7SIGcKQO1vBN9980mnUp7Dq9cARCFJ7QeKjl1aBBDK86SVu8DTqGWMQhw9D2oegeXBuM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd83d1d0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1509)","md5":"efd1b099161543abeb15b4c6f3d03b70","sha1":"47abda770b56adf0d8e9d1c816332103a0ae6e0c","sha256":"f55e43ac900c71cf8801f08d55352c7def776a1b1a1cb49e00c41ad0a6c68595","sha512":"9b0fcee1a07721a7ad2e7fe05e0c20cfb3ed5448576c64d28e12f20e0fb38c6af600ff1e8223ab0b7eee3fcb0fb8bbdeb7486baad3a4a37f700c5c28589c1da6","ssdeep":"","tlshash":"5131320d9473cbfc95a391351b4a2168d2947fdeea708bcdf36c14723aca9f2592c640","first_seen":"2026-04-28T18:21:40.977521Z","last_seen":"2026-04-28T19:31:57.641898Z","times_seen":6,"resource_available":true,"data":null}},"time_used":552,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":552,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-BKASD_Gh.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:26:00.238Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/index-BKASD_Gh.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:26:00 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-ca3\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zcxSn1N7hRWVEJQ%2FdXaWeOHOMqHJcbRJPN3Fr0kGhtBqnhuz2yQ4m%2B2My97mrzH1XP0kWL64SjtClqpwiUqqBKPKS9N2lwDRFpr28D9VBTx7RdkG91hL1%2F0FpO4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cdf7d7a0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3235,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3234)","md5":"668f902a4d7e0c09073050896d3d7a6a","sha1":"ce77f3c92376540fa9b074f9081ed0a37787824c","sha256":"e0a2fce2122bdaa5cb515e82a805a896d152bf9782a6334e80e165190b81af5d","sha512":"da6aecd2f3224fab8adb64b89b50edeb80ef5506856f4280dd56d697a4dcca322999bd3e97b01a2638dcb10e5b12d9275440e29bed5315bf2aeb3e8ef0847073","ssdeep":"","tlshash":"3461c5dd78b7f020877148ee507f0636e23a37592408d0d4e01fcd8a3931d6ab2a7e29","first_seen":"2026-04-28T18:21:41.044753Z","last_seen":"2026-04-28T19:31:57.550121Z","times_seen":6,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/cap02-DD81pVdb.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/cap02-DD81pVdb.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:56 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-2472\"\r\nexpires: Thu, 28 May 2026 18:25:56 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fucGkVmRmKWPKutOc27wx42CblsUmgt2ydLsXaZOiywwDiBJvfBkP%2FAcF7mtj%2BvzP1qeRGBfXcdXeA%2FqRYAhcrkAoXQIJgRj%2B7WzvdZjCsttbV17P6VZNUfhD%2BQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc88c550b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9330,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 132 x 133, 8-bit/color RGBA, non-interlaced","md5":"4ab1cf3ece753d1eb82627035c469652","sha1":"8fd4288260a2672c70428ee600390022604c5a42","sha256":"63b00e3bd41d39461d47872b23ee4a6a5a12f68cff29ce474bd400ac8c4498ff","sha512":"3c0ebdcbdf510c654de8780e0425b90c0fbce8f7c65894b7d4432b4f416dc66b26fa5b9c4c121313a10e6b736e9fde8b157bde0aca60077286dd35266de5fa7b","ssdeep":"192:RRHaX36Byum2m1yWAGebDn3stnesP3Mpb6l5tjp2GSb2lS/9HPIIu:RoGyHX1yWTWn8tne6cF6jtjzSb2lSNId","tlshash":"ee12bfc349926778264916dcb738e5807731a8920783c38ce4b5b528b1fed8c4e63f5c","first_seen":"2025-08-26T17:46:37.28042Z","last_seen":"2026-04-28T19:33:27.077637Z","times_seen":53,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-C6fM29mK.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/index-C6fM29mK.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-524fb\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kpmfVSUwq3h8jcy%2FCyAjlYqKHAHbytZRjnCK2IB6RBeib7yUy3QjyNgy80TTlfNnLmceyw5YRKsv5rkgPjuCNEFhauMmf1rnEdqeApFSGQjZU1cq%2Fs6M%2B1IVNKE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd83d1c0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":337147,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29586)","md5":"374f015fa8429f0e37915993b4d324ca","sha1":"7b9e7a16fbca70af3ed5b50e5c7bc61536a0b8a6","sha256":"04f6a529ce2ec38fcce205df45ff45404003b1eb16c7139b5c63a7787786ec90","sha512":"192280226e105e7c7d245bbeb7e4defdbd16e874b20d4ad4f0e69904dc3bbbb859806d14501b2d94dbf23fc33e04b8f393128608a2f87e3fcbcd7bf1ace73b84","ssdeep":"6144:2CIIxjxeOb8RhWxM4e5usAdBDt27Y+jYFrBPW/5khijm7L0OYm+mKzFw0T3iTTvi:hIExeOoRhWxM4e5uswBDt2M+jYtBPW/l","tlshash":"3f641a847212b27a83f305a2543e4405e2257f88b507c4ddf1fc4cdb3e9ae9665abb78","first_seen":"2026-04-28T18:21:41.019507Z","last_seen":"2026-04-28T19:31:57.543827Z","times_seen":6,"resource_available":true,"data":null}},"time_used":1087,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":734,"receive":353,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/CreateOrderModal-B65Dh7Q5.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:26:00.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/CreateOrderModal-B65Dh7Q5.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:26:00 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-3f90\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=om0M1kbXD5iA81v8Ha0Di%2FigWWFfhX9dpgrDNVANfcWHyFikY7MgvXFPf%2B5FZ3xUMTOuGZqNMV%2BdKAl9lQFBfse4kfMmvxTjcD4knA5Ir6uKY5%2FeU1OCj%2BLRlpo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cdf7d770b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16272,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (16271)","md5":"56c28ca8ca4cfa4f39faca71e4802402","sha1":"c04daab65fb1bde02ae6ca00c0c8eb82d489d32a","sha256":"e937a7e27c3a0bf3e7839783cf1295b791c5723683eef1fde44d7e41489bcb63","sha512":"d98e16f0acb97cbd8a9319cf71180f4ba20c5632260a4322f27e87e1f7d4ed876e77491f56fc5f3735f5d53e215ab7ecb5ee4bfd4c616d7f4ffc96fdbd6fc75c","ssdeep":"384:a5pMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:a3MuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"be72d93c70e0c9be9473d1b6a2cd68244048bfcfc6635bcef63da66415d9ca16725a2c","first_seen":"2026-04-28T18:21:41.021442Z","last_seen":"2026-04-28T19:31:57.529488Z","times_seen":6,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-C5USZCZH.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:51.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/index-C5USZCZH.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:52 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-1d7620\"\r\nexpires: Wed, 29 Apr 2026 06:25:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t8Tf5gZVSgR4LJRA56D6Iu52sm4tROT%2BmMHmIiLgEA%2B88E06790r66nW2TVynMx%2Bm8jjYFL%2FcjR07oNZUl0mgsjUUCcYis1zg36ehGT3UoJ8txeqqVpgye8vEsE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381ca9ba800b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1930784,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (33325)","md5":"cc9b91c14b91bdde6032005b8ca8224f","sha1":"60702edbf99bf270fd9933c1cef10232eb825225","sha256":"d6e7d270e48ecaad923356881ebde4ff0d4ad7ab4665ea23049e66529353cfba","sha512":"a192804f48ee3c53d00ac86f9e11a30af7b217609d09c8fe30bfb5fe21da6cb224e7b113fde3bc107003b51f1e133ee4cf73a593d2777f434fe5f219e4963805","ssdeep":"24576:s0ttEDk+tnHLtb9Nd9G0aX8g7knPnjwejTWlWOP1BS:s0ttEDk+tnHLtb9NfdWgnPnjwejTWlle","tlshash":"06256cd8b682f06107e755e540bb0006f3397e157449c0e4f6a999eb39a9e9ca273f3c","first_seen":"2026-04-28T18:21:41.086875Z","last_seen":"2026-04-28T19:31:57.612142Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2767,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":789,"receive":1978,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/Footer-CTl1tGDJ.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/Footer-CTl1tGDJ.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-2ca3\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zB8f27KCB%2BRUo2scsbUujRup0rb9OGu49g9P%2Fs6dwGfS1X%2BhL1PjJxbdUvb58YLFwhUrelaLBG2Ep9LEgh9hNanPvx8uxbIlJbceZmMwqIk46a5blKmqpevcdY8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc2cc040b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11427,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (11426)","md5":"4fb4c87756f120ce745c50cd64d5eaf4","sha1":"ff25d8601492479a8e77f67c5a81f98bfffdc913","sha256":"46c483c25223bce69041c9e05070aff41be924de406d298e84a00a79132382ca","sha512":"85a30fadec7a3dc12827d6e1bd36a241bbc6db7ef89a647e1e1254f82b65fa7bb271ff1aafc47993aa9827b3b53ae2add95fbb055cc485b144997f68eabf41dc","ssdeep":"192:vQvNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGTMa:YvvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"cd321a047973c9f9c6b784b4b8415510f238bfeee56bc85ab3fd890a17ced390a06260","first_seen":"2026-04-28T18:21:41.023646Z","last_seen":"2026-04-28T19:31:57.531402Z","times_seen":6,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Frame%207-Y2WnO9cd.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Frame%207-Y2WnO9cd.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-10a7\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=plLXnIyahljro1qr8BU2z%2FtqMtO5VSaN8Mal9BO7Pt2LdBXqzHbhXTm9ocmlw41%2BTt%2Bp8GRuzYWbSm2dcLKJdyKz3Agd7fsQaDOCIK1Bw%2F0xEDvBDQjVQ%2Fej628%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ac5a0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4263,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"d5e5104db484a25110af449819dfd7ff","sha1":"d71c6ce1c4710fc41fd1c7e3528f71ef71cc6232","sha256":"19b5705c4832fd650e2dfa032ec9c31ae647eb51a7cfb6a8bdf91dfc3eb048b0","sha512":"4579d3e6605dceceb2d3c18ad431ad534b51f3a3a4f40dbee08820407dc3f97ce488136b6709675e6a84d6c58427a923d33fbd4ecaabe8aee935af183186c204","ssdeep":"96:4SqIjc9/X4edqkPCETKZ2OC+vk+YLoQh9skSY6gS54+rQ+:4SqIjc9/oe8kYZpV8QQh9ZSYc5xD","tlshash":"28916dc0bffd596ec8c7e8e4e585a48b6c7724acec5dc1088c71892e8575e331262b54","first_seen":"2025-08-26T17:46:37.295193Z","last_seen":"2026-04-28T19:33:27.113804Z","times_seen":65,"resource_available":false,"data":null}},"time_used":552,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":552,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/dataModify-C6sk-dj3.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/dataModify-C6sk-dj3.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69edb8e1-27b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Df6JgsRtVdjqVZMrA8reTPvGyJthNbbEcZTbl1BrMdDlRwlRziB587YdsJPOP3TGqUVaWj96jynRc8cIIae4DQC4wXmYXGMJfTiH%2BFZO7WogWABmkuA4iquAAko%3D\"}]}\r\ncf-ray: 9f381cc2bbff0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (634)","md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-04-28T19:33:27.063821Z","times_seen":47,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/account-sgmtbgDy.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/account-sgmtbgDy.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-450\"\r\nexpires: Wed, 29 Apr 2026 06:25:54 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iw%2BRGU%2BR6hqFGzLXq65QCH2zp72koxS%2FiHH444ZOjIbSjawWdil3NiwBZZAOzKBZAHNXkcWPLb0wIIn2xGnOIpqj1V3KQqPSHHbrnVokrRICVpKGyRmzWU8Z%2F1I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc2cc050b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1104,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1103)","md5":"9b706027ff221a2a9cfd654a4127712c","sha1":"eef4922ec1325a2d9cee9d3416d3e389f765471a","sha256":"90246325c6f44d9c864faa183860b28f2b2d8245527e317eb2ef818d2f6ec4bd","sha512":"f9696cc0415102e9df5f73eef296fee20d5ce0bcf99c14cbe8cc5b83ed0befb21610cfb53b222663455c8fcb37b75cebbb8254f7662e348e568e1c941439e26d","ssdeep":"","tlshash":"b011078a8e8e52f7f7b0be1260d02e03c01b6fb5ada24472f02d957751fd484c52db14","first_seen":"2026-04-28T18:21:40.985479Z","last_seen":"2026-04-28T19:31:57.644317Z","times_seen":6,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Frame%208-BqAgsyxz.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Frame%208-BqAgsyxz.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-1c47\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bhhkxHtGIdgoKLP1hrpqlC2Rkm%2FxCnOKspczh8rRMGUBBsgJQ7vUk%2B%2B8NpdIMNk9rQrTZBRveEVGjGpbk86aXfpPQaghcis6Vz5uA251kNzWswRysJTF7MgcJS0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ac5b0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"75a72c4dea3d1c72958d06e43d016c04","sha1":"cf235da5a62609b4906cfd3eca2815d0010e824d","sha256":"fd587397411636272992efc7f82bac757bb590dab7d43397c81c7e8fbed942e6","sha512":"0ddce061afc227f09eb29ef76f8727d4912024661382f43f130594f8215f72890154a2ca9833f6bbc5a73b52ac17b93d242cc6613667e250a97dc064870d00d2","ssdeep":"192:8OShxXd6eltxGINi4o+REDb+riYu04FZwWQnv+wPInRa:+nzduUo+tu0cZInmAAQ","tlshash":"0ee19ef5689448b39a23843608c87f70db655b776fc149a670706a890e3127d66c2bac","first_seen":"2025-08-26T17:46:37.267799Z","last_seen":"2026-04-28T19:33:27.114284Z","times_seen":65,"resource_available":false,"data":null}},"time_used":572,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":572,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/XAUT.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/XAUT.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:25:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 110638\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FBB57CD23C34329ABC40\r\nAccept-Ranges: bytes\r\nETag: \"9D1FA90455F3E0C966910678A6341204\"\r\nLast-Modified: Sun, 03 Nov 2024 12:42:47 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14148370102076571509\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: nR+pBFXz4MlmkQZ4pjQSBA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":110638,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2000 x 2000, 8-bit/color RGBA, non-interlaced","md5":"9d1fa90455f3e0c966910678a6341204","sha1":"145bdb8bff255f92c9c620d27a93960edb79911e","sha256":"e8ee450381bbe0475a4995dd8c00847ddd3000ebf42e5a62f9713946f2b973c3","sha512":"9479e1c57ab8e76cf9e37b9aeae8e1bce0e18aaa41c832fb5b750e9b15e788d9230a71db5f1507d349d9451f6ac824dedb524059ed7f50e77f674705289460b2","ssdeep":"1536:kvTV1GCc70U2WCG9hf7KFAK0B5Z3uIwZmsmUcLVqDBOHqwnU/:k7VY4UrCG91WCtB5Z+pbcGBOKj","tlshash":"d4b3c5cc05f0f1ee9176ce2c94a7358c046243bbce597ab2f311d6df581aba99c118a7","first_seen":"2025-07-19T00:50:04.632539Z","last_seen":"2026-04-28T19:33:27.103615Z","times_seen":55,"resource_available":false,"data":null}},"time_used":2166,"timings":{"blocked":795,"dns":1,"connect":265,"send":0,"wait":272,"receive":296,"ssl":534},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/option/rules/getTeam","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"GET /api/option/rules/getTeam HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B2PxbcZMDF7UbLn1CM4wX3ZxH75x%2B%2B%2BHAIecnJ8yJ1%2BTdVU69aQ8KAKrj%2BHdSF3DDJDIRK%2FONdC3AzkoyrfRtrho20Bq6IBiXyHb2%2Bpkw7rTu4spPFZbHX%2FbcPaOQPmaUtI%2BLgo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cca4b3576ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6799a56f357e2db219241accbe6bed09","sha1":"2aebefc6f66a5ea206d6d721b13ee41644bb1e54","sha256":"45cd83f3d99b0527145fa4bc41694853be069eb203c3194c2b26a6db4ca4db07","sha512":"bf4ce72e43adab23eaf00a532171108e3f3754f238f189532dda6c074e7276c2bb8c93a10ae3fa36272ea68ba3f1485bcebe2b55706241e0614639f4e0d79e64","ssdeep":"","tlshash":"3680003b080ce88338033888000a0b0020e82080ab200300cc2c02388a08288a082880","first_seen":"2023-11-15T10:07:01Z","last_seen":"2026-04-28T19:45:58.094515Z","times_seen":50,"resource_available":false,"data":null}},"time_used":389,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":389,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/index-D_5Uqi88.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:51.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/index-D_5Uqi88.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-374c1\"\r\nexpires: Wed, 29 Apr 2026 06:25:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PLXiFmNmIVDxyII3STuiot0qQNnaT0n%2Bji6V3bCzmyNv%2Fy0J1h%2F7jZj7W4ilN5Tizg2NZfelRkxi7L6RkViboZHxDTULP2tJlVIMUXznXZDEGGGjwlNUE%2B54%2BIc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381ca9ba810b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":226497,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"459a90e379edb9b3d8f2bfc87251d618","sha1":"29054b3d0b9dad1aec23a300e6e20d3192dc3df8","sha256":"4dd3e9f1e1e613a6df2d68dc2090f3c252cc068d1a60edcedb53772e67a99984","sha512":"cc7a7d078e7cea63a20d54e479e99cfeb9242f4eaaa3b2f0026736ee2b8d08493cfcc2dc54daa724778173f1707e914e25a5b6c1abfe0b3522dbcb8a7c9d1a61","ssdeep":"6144:+ExgAtraQez/J6ijqI+ChRk1Cfvkauh/X31uhE79QQ4R8eG+Qkq7sIZ36:r89Ic","tlshash":"5f2455bde28904e63b36cca6d374778e6039f6b1c9955d95f81b501cefc33a10682a78","first_seen":"2026-04-28T09:02:56.11226Z","last_seen":"2026-04-28T19:33:27.082576Z","times_seen":10,"resource_available":false,"data":null}},"time_used":837,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":790,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/Calculation.vue_vue_type_script_setup_true_lang-CfzrS5r4.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/Calculation.vue_vue_type_script_setup_true_lang-CfzrS5r4.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-4ff1\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qL7nxG2BR1vSssZlJLH2NC%2B%2FsA3CGdU%2B%2BEpXamm1DJvGPM3JpKE3vuK8kmmPiQWMVuH%2FxMOpu%2Bg2wuHJWzlYCcbYDA4fDFnhJeT7kdDGZrqAQnt4ZNgSWGt%2FDDM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cbd2bb80b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20465,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (20458)","md5":"ca47e01ae4be9387a5edb3e92fb6c161","sha1":"bacfadcc264d280584b54993347163c9cf2d72e5","sha256":"af4c46508afc5d54399cecfa15f2af864374f02e72f0a3c719a7edb8b22821f3","sha512":"c782eb4ec85baa69d46c9b16c77b0e92366521af2ba7edd35d5953923cf5d02aab9e9dee0c5534cb70a510640cd97eedd232a83a69ea7b8c177088a63fa6b027","ssdeep":"384:dVSYvnyMTG1CmxcgJJcwV1n2cICjan1eTkLTpkDGaAoiB6cJWM5boWBuYD8daLH0:HScyYfQ2cfansToTpQGaAoE6cbboyuYw","tlshash":"bd92a749b152db3ddbb354f1605e1014f008bfcad426c497a1bf09933aeeeb11a6927c","first_seen":"2026-04-28T18:21:41.016996Z","last_seen":"2026-04-28T19:31:57.51919Z","times_seen":6,"resource_available":true,"data":null}},"time_used":614,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":614,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/common/getCoinSecondList","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"POST /api/common/getCoinSecondList HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hv96hUFmYzaZ6bgSceUSLEVAIDhBel4m9Rec%2FRDIJgOhL0JrI4dCulMZIClDP3ibIgwVaW26gwEvfqqCpOMb7d%2F%2F3w0MUrW%2BPngXyIlZ%2Bbw2LLtTlqZs32qx1VZyLOwAhp%2Fp578%3D\"}]}\r\ncf-ray: 9f381cbe8e4556a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51237,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (50353), with no line terminators","md5":"e4e96ae632fbeda0fdf91b61e4c289b9","sha1":"95278500b8b18c19a6fca0f0c7dd7ff7d0aea15f","sha256":"7095bfb9e235a0c5340258dea94d246cc5e916e9e0c04d168fceb2cb17b857cf","sha512":"248a176d5ac5da53624da791a58b8b3ca5075cbe8f957bb6700db6618919715db84ba3acfe7e335684acc9360efe1880c277c0ffa7e6af504ce128fbe8bd1a6e","ssdeep":"192:P8r1noLSfHOZLgY7PvVsim2Z5bzfvsbNvuDk4FCOrrHK8kjcS3tnMmFt6rWGos7K:1m+6Xzw1XmG5fTpef","tlshash":"4e33eb2ab624887c535045ce59533f53929d256bfe8d8e7ec8ff4ec520f8b76220760a","first_seen":"2026-04-28T18:26:26.000303Z","last_seen":"2026-04-28T18:26:26.000303Z","times_seen":1,"resource_available":false,"data":null}},"time_used":761,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":761,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/common/getAllSetting","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SPkina%2B2aOovgrBCdCnH%2FU5MqS3NjteIFMQq0kXVywJmib1Fbr5aF2jFRE6UsQ4TbzuGePLbI3QmisRN%2FQtu9BH%2BaG357zQ7AnJfe48aYBUuAw83xJ9dFyCopECCWPaEr7ufFRs%3D\"}]}\r\ncf-ray: 9f381cbedeb856a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41732,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d4e670ddb947fd659c19540b1c9392ec","sha1":"30199d64cceed2817062f3e0a5e59e88c44a9450","sha256":"b2c254152ed839b694ee15708fb5faef69bb85f5ca022820107bee31d141a61d","sha512":"37220017259d6b3b52c13c68a3ed75ba1011ee9bd3e29c0864588f5fc404a62c95bfaa6dae45aa247d8f484db0ea2cd72039113ea0477e37ae0813290a32d4d4","ssdeep":"384:whzrYmpsTZpXKbVlZozism0eKwUu3vipCEA:wtUmGTZQhlZozUiY","tlshash":"e713961ab1a8fcbdc7daa8c600773a6b35ac387bee955d54e1cd4e0c43e9471850b60b","first_seen":"2026-04-28T18:21:41.032057Z","last_seen":"2026-04-28T19:31:57.594737Z","times_seen":6,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":321,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/bg_1-BEkGORMz.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/bg_1-BEkGORMz.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://obais.vip/assets/Footer-kqO8xzJ8.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-1b1e7\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q4ird8XgHvr%2Ffmk9ne992wKriMMOtwGtMQGxhk0NvRpY0xpH3FxZf3UZAoLfs4OCpECLELhYPoRrlxa9jI%2BhWELNENxhtDK3MBT30hXtdZfxvk1qGxuh7T1vS3U%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ec6c0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":111079,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 223, 8-bit/color RGBA, non-interlaced","md5":"2667011e3e80bffc8f53b439e07ed571","sha1":"95f1f9ca0d80b2a0d88b15e41ff4c0804eecbd86","sha256":"71512d4d03b324477cbaa139206155fb48617658908eb7309b2abcf7691c9258","sha512":"d3038c24866b6edacd3c1e24f83285f7a03cb14a00552290d650042c6977ada5c6ecd88e9cfb85ec027398e450aa6b1718837198f2dd070d886049d31ff041b8","ssdeep":"1536:ZeZbH5ZJim+F0K+MQpgatMdAt8SgQh4LDyOBhOHQSTUFN4DoY84bAGB8d8Zf3p75:4Zb/JipFP+btwP4uFwQpksCBhpwvIqYJ","tlshash":"8ab31284374f43b9c666bc2d4c0fb950b7a68125b124ce84dff78417716aa3e8f89e61","first_seen":"2025-08-26T17:46:37.222479Z","last_seen":"2026-04-28T19:33:27.11212Z","times_seen":65,"resource_available":false,"data":null}},"time_used":1012,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":680,"receive":332,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/common/getWhitePaperSetting","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"POST /api/common/getWhitePaperSetting HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kG8PxLqg1yDb17r8QIBv1BEDigfwAyjKxZjJ%2Bdmkx6gomGjMJWnvsrJcTnp5XMZ40noFwXVQmPVu0IvggiRiiItois3okgYfeyT34qmmAuuRSIRiMYs2qbn01gIJaXy95eDDs4w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cca4b3676ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f31a495f108e9661e10ec9da1a8fda23","sha1":"1e609fdf3b0bf6d9387dd106f8a054f598ee2c4d","sha256":"231cdb908c60f792285f6f9c2d42d13ab9ec0514ee105c2340b08582f3c26550","sha512":"75d4c5dc591375f46340ee110334729e7af3f293f1d11d7d5a7f92d55394c9324c96499f6dccb2ec49a0f4548ed719d824e8e1a179958396804acf410f623b8c","ssdeep":"","tlshash":"bfc08022155890a355e1d9dc4505070db5d4346735401240d424ed08e8486b7560a54c","first_seen":"2026-04-28T18:21:41.062218Z","last_seen":"2026-04-28T19:31:57.637191Z","times_seen":6,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Register-CZzsnL_s.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Register-CZzsnL_s.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69edb8e1-bd\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6ZZNJUUWv%2FhFnk1w4i6%2Bq7o3uPOpxZouqeK1lslmxo29i7zJ9tXnSuXiFkQcUeTxYapzCA6Vvwj1hAp3ElfAtL20idHUanR5g6AE8Pff6KNnW9KRqHSuBwBXUtw%3D\"}]}\r\ncf-ray: 9f381cd80d140b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":189,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"0f478f9acb51dc6d5bba246cfb3c40f4","sha1":"e0b895c539b695c5bb07f09eb825e1a8c566e5ef","sha256":"6b51f62c7175076988c4aa1b50db70a4d3b2ba26a5cb91b03e9d901875873e26","sha512":"5f3b2329636cd8a81ed09c4790c6e8a45a1c0ce25c899f02ba6eb5eaf8252cca00a31fd4af1de7b4d60c9efad17bc8483a7bc274b73aa5ee4b2f42b852991979","ssdeep":"","tlshash":"11c01252841e713b1eaff2545295c18d9534b7d3ac221a6c5615729097e6ec0261e4c9","first_seen":"2026-01-30T06:58:07.097395Z","last_seen":"2026-04-28T19:33:27.085897Z","times_seen":47,"resource_available":false,"data":null}},"time_used":631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":631,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/common/getAllSetting","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:25:54 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IBYNm4aI3aGXXUz4apF798XSUwboxNx1sYAUmSyN%2Bzni61r3YT71OxdC%2BaVP%2BvuYHdCx1k3KPnpEEl7dG%2FJ4usrtykXzJMhk3GXVpKvDPtXcDqImm8IMOhNWVdR2OiEGAGxoL38%3D\"}]}\r\ncf-ray: 9f381cbd4caa56a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T20:35:18.51264Z","times_seen":14440285,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":54,"dns":1,"connect":8,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Footer-kqO8xzJ8.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Footer-kqO8xzJ8.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69edb8e1-60\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z0iamYGJjKtSqrOqTB5ugcXMqL0Mk8rUpVGBEc8PcKuX%2FIfloZAEd9qxjL2G%2F8WG%2FyrgXoHRcshGRFSoGRof89tbu2sB6mI3E014r%2BAHwUspe6EPGU3jCS9hJSk%3D\"}]}\r\ncf-ray: 9f381cbd0bb00b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f2d8db841ee2cccba46a4846bb383b9b","sha1":"21ec1dc977ba6ee4b0fe0a042add8ff45f05ce42","sha256":"8b180be1698077bebaaf6beb91aa095652e82bdb700bb511b126055be7e155ed","sha512":"746edcc3f53af777995441974d93a876940ffe4fec86613f9f14d3801a2f9e7d0811f7d9ed5ecc3fb6525ae957665a71e779b3b391dd0435daad7586389ee8e4","ssdeep":"","tlshash":"69b0127030ef5567744f62b93015a2308159c106d3051e0c353c62fe39d20001157296","first_seen":"2025-10-10T02:51:18.076622Z","last_seen":"2026-04-28T19:33:27.094751Z","times_seen":50,"resource_available":false,"data":null}},"time_used":573,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":573,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Low_3-CoMiX5LU.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Low_3-CoMiX5LU.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-1da0\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0EVE%2BUKU97xpIEfnqA1LeJGrl7ZLK0FtwS%2BEqtyE%2BY1IsU34IGNE6CHLBka8OZpVje7twBUF17szjzwLVGQwmIeM81xRQpXr4Rd2umcTQr6kgji68hi3GMpgCJo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ac5d0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7584,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"a8b00a7e3bf2f70c8c4887d24abe8b51","sha1":"92ce419cdd7ab6e8d8e7bc05500761fbd08eaa9a","sha256":"8f98a9cc45245fbac829f6a93e5e24c3c5e3703ce68eb080d4c9421c297dee2d","sha512":"9db0c799a8dc0e938d327e0c20f3cb3cb98d3260668705dda23fb04e73efe9278988f6499b2f96df201da432efb01a8b5ae44efe08195914b02479dfe70bdc23","ssdeep":"192:8OSF296sDSSaQ+8CQ2twPskLuqpZ+DJ72iUyoutP3QB:+I6OSZs2tnkniYiUyo2E","tlshash":"c7f1b0d7a5e96df1f736311988dcd2037f0fb258a6a00a66f5039a84e7f450c870f061","first_seen":"2025-08-26T17:46:37.283171Z","last_seen":"2026-04-28T19:33:27.109123Z","times_seen":65,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":558,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/SOL.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/SOL.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:25:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 25649\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FBB5BC6A5B3539358F3B\r\nAccept-Ranges: bytes\r\nETag: \"670C723ABC22056BC5368CA2A97DD6A2\"\r\nLast-Modified: Tue, 22 Oct 2024 11:42:55 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10769821075161595358\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ZwxyOrwiBWvFNoyiqX3Wog==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":25649,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 201, 8-bit/color RGBA, non-interlaced","md5":"670c723abc22056bc5368ca2a97dd6a2","sha1":"5ba69b915180c31e4d35a524a9de7b3409ef80a8","sha256":"11192935f626fdb37ddfd8418d754feee326fc6f0a3ce7aa6e61283a820d8b09","sha512":"546901ff0dd66b4768e7560c2ccdceedc3bdac577eea114e600613d98319bde07a84d4fd8a303f4c34c05b3a26c73f03602ba38aaa5436dfcdac6712e0868652","ssdeep":"768:9SDR4lelsfdJTM1JiB+mP9LsYKPlAgezlYWXu23fgiqs:9Alsfd9MqBZ1L5MGgQuW+2vLqs","tlshash":"feb2d076137254ea4442115b97364e812c39f4e3adea6e2c7507a40c7d4a33b30db6bf","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-04-30T10:30:02.873574Z","times_seen":638,"resource_available":false,"data":null}},"time_used":1362,"timings":{"blocked":1057,"dns":0,"connect":0,"send":0,"wait":296,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"POST /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nff4mie1Dw4W1GsWLv1JxpLBokHtfOe3uIyZvidFKwkMXWQCyVBbCSnAVSORDODVSBmngWCQYx7ztGsXY76or1OpSFe0U91BIHTknSSpAsLuxTDtTb7GDj339WHkKSllP%2Bu58SU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cca3b3476ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2487,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9988a469396cc21f0348d97ce2e53649","sha1":"24678897d623e1e3c1b6b090683f29705414fb87","sha256":"5151a84d2dc9143e422e55ec8e5dc592638b1018c49dc35a21df3efdd76e3a88","sha512":"8d78dfcaedbd4e2ff7e7aedceede5205798a31fefe84fd1236bc95472290a2a50fa0a92f5430104717dd887951acaa5610099592b527f40c263e4d0337684834","ssdeep":"","tlshash":"bc511e4f23688e75085604c326ed7ee6b72f525b86218c380a56cf8c43f1abd176b640","first_seen":"2026-04-28T18:21:41.049258Z","last_seen":"2026-04-28T19:31:57.647632Z","times_seen":6,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-BKASD_Gh.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/index-BKASD_Gh.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-ca3\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5Pv%2FhRRsVV%2F8FVMSjXVkI7SI2qRiUEbVhUhDd8S2YdaRFhVz69xZtRPMECwQ4C2gcrNnIB9D4dqds%2FrCYVh2%2B9RyUk9TOOucWXnlTi2%2BsY5iBFcdsza2H0ADOtI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd83d210b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3235,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3234)","md5":"668f902a4d7e0c09073050896d3d7a6a","sha1":"ce77f3c92376540fa9b074f9081ed0a37787824c","sha256":"e0a2fce2122bdaa5cb515e82a805a896d152bf9782a6334e80e165190b81af5d","sha512":"da6aecd2f3224fab8adb64b89b50edeb80ef5506856f4280dd56d697a4dcca322999bd3e97b01a2638dcb10e5b12d9275440e29bed5315bf2aeb3e8ef0847073","ssdeep":"","tlshash":"3461c5dd78b7f020877148ee507f0636e23a37592408d0d4e01fcd8a3931d6ab2a7e29","first_seen":"2026-04-28T18:21:41.044753Z","last_seen":"2026-04-28T19:31:57.550121Z","times_seen":6,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/platform/obais/favicon.ico","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:53.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /platform/obais/favicon.ico HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:54 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kud1zBFzqfp%2FS7vTzFuAOSnctqehLdw6YEVePt%2Be0kHRDFE8Q7cecw54r46gHCcKAOyHxlz6Cz099K70vXds%2BpfzNsaMG%2FBibkv1WoJnDkdrZyVZCtQrm5NMOUM%3D\"}]}\r\ncf-ray: 9f381cb67b4f0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58296,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-04-30T19:13:24.023012Z","times_seen":11110,"resource_available":true,"data":null}},"time_used":915,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":743,"receive":172,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/CookieConsent-BKtXZsW6.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/CookieConsent-BKtXZsW6.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-1939\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sZTlDejlIVxzV9lnT791XtcNls%2B16hyOriToHz4akhoGZbijcIW713xsjw0kIRZSFsW37xYqk1n7LzPrWAmS6xo2NWGRFwelQvUWt9tEX1k7ttNBCJBtSYLp40Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cbd0bb10b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6456)","md5":"1149d91279806327d1cf129fb88561e4","sha1":"64a0d38ab7c0b5dcc85255064a404c5faea0e413","sha256":"ead0cb6d3b9cb7c7ba752b1a20cfe31c362fb850dff7077d0a6bb1c1229bbb73","sha512":"a32f4aa95f8b53e74371a2cf0c459b2959b0a017734332ab04a2bb0cbbd974d3c1e9963ef7e9cef2dec986510b4f0188c7aacd045b40e793c567e28686a7802d","ssdeep":"96:UMwlRU4q7ekoIlbffKu28Y6NRyuHwwlUxiun10aWNPG987:lMpq7eJOffhLYP2WxDhFK7","tlshash":"81d1ff717688b01db13fd87561e12b9c3228e207d7325ab8964bb57c89e72873336bc4","first_seen":"2025-11-30T14:17:39.787592Z","last_seen":"2026-04-28T19:33:27.083118Z","times_seen":48,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/BTC.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/BTC.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:25:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 2691\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FBB5BC6A5B35394F8D3B\r\nAccept-Ranges: bytes\r\nETag: \"2EDF1EF8B333C40979976D1A49BC234C\"\r\nLast-Modified: Tue, 22 Oct 2024 11:43:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1939274224005843766\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Lt8e+LMzxAl5l20aSbwjTA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2691,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2edf1ef8b333c40979976d1a49bc234c","sha1":"d75ac12795b4a9575c874e1b190712cd62a87afc","sha256":"50a1901684f223bf26594dd3415b1e50f184820a16daa810cc5452911e9117a9","sha512":"f697a1fa0786316fc01003f72621920932e2657e4acf5a471e35d02717c42c9db5a12df311895a776a563dcae9b8fc0b6721833529a054b9dbfff4c52fc564d3","ssdeep":"","tlshash":"2b515ee60252267980d32438616db1e178beabb2c3021ded6c1444954acc4b62555cfa","first_seen":"2023-05-01T18:49:36Z","last_seen":"2026-04-30T18:36:20.85253Z","times_seen":21296,"resource_available":false,"data":null}},"time_used":1511,"timings":{"blocked":647,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":575},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/PdfViewer-B45GQKhL.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/PdfViewer-B45GQKhL.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69edb8e1-ac\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KOXn8m6NW8O3dzAhPSaPQnw4XBXle%2BU3OYkT748Y%2FGOM8qVArAf6AOWStIg9a3Hvnskoa%2BJDG5i1HbGM8%2FYe0Vo8MXjQKGxUiGCgWPYk9MZqT4Ea1jL5HB5zdZI%3D\"}]}\r\ncf-ray: 9f381cbd0bb20b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":172,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a07280d8c4487f94b1962d8eb4c60c95","sha1":"73584fe1844801f9c25e94ccc9dff3b20346c2fb","sha256":"cd0180dd43cdd6e4f0be1f78d4764975fd0abd9566ccf9210d4404d8e876ac98","sha512":"1b03fbfdad670899cdcf22896978f04a52fb6bbc48af9f0a6400182b7e30cbdd7d340bf4b3a082f824232134c66e891e39bcf834b4e760522d5988442d0b43b0","ssdeep":"","tlshash":"9dc04c23f185949d04125064159236fcdb3da50a634e1cf14b56f3766abd3c765364d1","first_seen":"2025-08-26T17:46:37.291739Z","last_seen":"2026-04-28T19:33:27.105273Z","times_seen":51,"resource_available":false,"data":null}},"time_used":651,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":651,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0ab2a655a74f740efa2025401359375ca.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0ab2a655a74f740efa2025401359375ca.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:25:57 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2527\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FBB5E61358343211425E\r\nAccept-Ranges: bytes\r\nETag: \"9C5D020AEC325696D1D22476E7728DA4\"\r\nLast-Modified: Thu, 03 Oct 2024 06:55:38 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17182148815916858481\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: nF0CCuwyVpbR0iR253KNpA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2527,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 136, 8-bit colormap, non-interlaced","md5":"9c5d020aec325696d1d22476e7728da4","sha1":"e9ff2cdf5160142a77c449947e659627d7ee0a6e","sha256":"3fc4675d2a41c72bc9dd1c9568b0104320bc66b77a69ad6ced74fcfbf1e1d933","sha512":"a932dd67813eeebb6a1393473906fdfcb5cdda3e9428a111476983bdadf8e37f6b6a03773cb3ae4a9bba26b165697a59bf4fa86c9fc42c256246290bc397f665","ssdeep":"","tlshash":"a9514c978961de1fb26822d2c1c1b142acaafe4f117debbd90d4012ebf5c612911df4d","first_seen":"2025-08-26T17:46:37.24324Z","last_seen":"2026-04-28T19:33:27.09237Z","times_seen":50,"resource_available":false,"data":null}},"time_used":1815,"timings":{"blocked":774,"dns":1,"connect":258,"send":0,"wait":259,"receive":0,"ssl":520},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/option/rules/getTeam","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"OPTIONS /api/option/rules/getTeam HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:56 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3kPCion%2BpxLuwwJazwNcWMy6b1tsidWPQqH6EmuyjKMCSOM%2FLS20dO6M7Rr1X0pIbPIsT4Oc1CuyKDY9f1iWquUE45adIAozeAu8XM1pneVmoypig%2B1Pclvn27OXzkciYAcavZE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f381cc90ac676ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T20:35:18.51264Z","times_seen":14440285,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/SetFundForm.vue_vue_type_script_setup_true_lang-lRGlTQd1.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/SetFundForm.vue_vue_type_script_setup_true_lang-lRGlTQd1.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-a71\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vROQZ8aJEGOVhR4G9onfi72L6ituNEDm3u24MVv8T%2FQMHMaYnEIxTczroYzALbnxXkWp1HCHyook9vQpcINeTfdtoCKc%2BOkC2%2FFVVrYvEpN8DSjKmO77gdQl%2FqA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd83d230b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2673,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2672)","md5":"8b3cfd153907ef3c30d1ef160ef45fef","sha1":"13ccb25d2edfdef0edd9d2c96971bb459ae61119","sha256":"509ebe109f6b1e25530a9dbe4947a2cd228e82ff583a9010696b7a513807265b","sha512":"907053ff19210cf84e5c675fe553696751e0af48a9e6ca0b1a60cd1e2145443a98cd50f33ff7949532c3c752e4ed8fa48dc6f0dd9f212832a918c75427e799e1","ssdeep":"","tlshash":"1651340d24b2ceff26c3a238224e6164e0c87fcfdb309755b66d447226c99f52619a55","first_seen":"2026-04-28T18:21:41.03452Z","last_seen":"2026-04-28T19:31:57.527777Z","times_seen":6,"resource_available":true,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Low_1-6m8ONw4C.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Low_1-6m8ONw4C.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-162e\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dO1qh%2BKgkHDG1MKsRQvHE07dcxI07YQwIAOMLpcl33CvrZjQNCkaGmuECax%2BYl58gv5VD1sz5pRSUs2wfvr%2B%2Fq%2FQJ7meeyxpMLE5pxtt3eHTJM%2F2Vm5Pti3HZe8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ac5c0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"5103c807ea33c534b2710ac6d158b293","sha1":"791ce9f7dab4d0fa9e1c68d9295fdbec555d599c","sha256":"f703e9a83bac8e20f95f9efab361f7d5490d3c1fc71990e0ca7d6b873a7de8f1","sha512":"5af38160b36582ae82b65694d8d559f71c505dc98e0045cafb5dee8674156a373f66e5e0901ed688f6c00767344a6f5c0f6e141ce914c8486c1b3041331bf2b2","ssdeep":"96:8OSaygjX4v9yeCz+ZZ68HHk2fWXp3+YdG2K3yZ178HnxmDZZBnDuS2:8OSco/LZZIwWd39P8HnKDU","tlshash":"4fc18cce55b2d9dcdaa41fb8234560381929e197e010bc02c935bbd42dc4509eeece3f","first_seen":"2025-08-26T17:46:37.287888Z","last_seen":"2026-04-28T19:33:27.087706Z","times_seen":65,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Low_2-BPxk_UPI.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Low_2-BPxk_UPI.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-24b6\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C7tL5X8ov23XId3%2F6hT1hy7ktzsR72%2FBvTz5IYDPVJXRKYvKryoKfP3LWb%2F4vgAAaTKNUJqrJp%2FLEvtdFwUdxLvg7Kk7pDRUW4lgcNfqRc7IxpFPtIgzHhxdK5c%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ac5e0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9398,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"ce19171ad2413080ac589384fcdd4a01","sha1":"7b7da4a5cc5aeb1b1f10266de0edb0bacc2fdc30","sha256":"68582f4a49950d5778e05957baddfb31bc321607dfc5af01c519cb84f87ec0a7","sha512":"4282b94584460f26d89f307072438f1c29b017c81d4a5d3cef14d06e839a2953e304c8f3447907bcea56f84c0b2b87d4972405bb04da530de1a360865c579b44","ssdeep":"192:4S+V2BSNF7kJS4V2yFaVkIghjKpg3UhUyBL1xWczVDF7Tqxwyvgajoto:/wyM7kwbW6JkWUyIUDwqo","tlshash":"9312b00bbc2b7d3b7211f80944cc37a51c1ab8bd05ad839188b576951adee58d7e3ec1","first_seen":"2025-08-26T17:46:37.214917Z","last_seen":"2026-04-28T19:33:27.065094Z","times_seen":65,"resource_available":false,"data":null}},"time_used":577,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":577,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/ArticleViewer-5iIx2dnD.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/ArticleViewer-5iIx2dnD.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-963\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CTj7colmGWD1dQIpp6y3clJzJ4HmFgqhB7WKSee%2Bb3rkavWnL5YyHFcUHUG8xvDBH0At1LECOprWR%2BIy8QWDaC5eS%2F3Cvp%2BVnEhSL%2FebKqJG3uZyjRSNi67WdNQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc2cc060b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2403,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2402)","md5":"54d711709816d38381c8abc9bf7a1072","sha1":"8ddc49ca54ab7a97d515f98881936d1ce6911874","sha256":"86d8ffa8ea8634c9c49ebf66c595897103250f1c50f8bbbf2e9c78b66914f90c","sha512":"91c263cfcdde1a9a9baf59ba6ee4b6ab42338840200a48b81fe753302881045d20b50e2a34b7f21850dc47598401990569ad3e6275e519221e45a5618439bb7d","ssdeep":"","tlshash":"bb41749c64b6cfb896f39335a58ed6545044bbced7118a89727e582a3fc0ef07a5c304","first_seen":"2026-04-28T18:21:41.008747Z","last_seen":"2026-04-28T19:31:57.52458Z","times_seen":6,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/PdfViewer-DIoWOB6J.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/PdfViewer-DIoWOB6J.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-219cba\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8S9VhikbkGubw%2FnmfQl43nJGVSBAAFEDD1o%2Fq1t3fuz4AtG4rzDr4OTjtyiJsgTO7a5dzNNa2Oecg1L8t9lNtDcOZMcEtAkB3wqd%2Bl5dlKGzq6kbzjzBI3FI674%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc2cc070b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2202810,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"b29528322b1f9b6428025ab929f0b54d","sha1":"be7dbb00389edc874538174c7ec3dd26f673b908","sha256":"1df5f3df76768f75e21a59268e90ddcb9fa2423ed591e287a0f8805c3b386f5d","sha512":"2cebdf5ceae727d73574fcc9a5f20b93f027684728850b41a6218d27da2b4c714d552f2f647938a04f850443e033ae505b9b34db1194b4956e59199e22e5bed8","ssdeep":"12288:fZapMfCJkxNP/XN8894qsbzAar4Y7hdKvWHbzYE/EqkMsxP706zL9bHIOdBEtHbV:fkpMfCJkPXXq8RqbOt7aFMz8","tlshash":"74258d24731a769d0aa900c370bd1589d3fe1609e062e1dcb78f7a9f6a6ec09673d734","first_seen":"2026-04-28T18:21:40.989927Z","last_seen":"2026-04-28T19:31:57.578925Z","times_seen":6,"resource_available":false,"data":null}},"time_used":733,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":725,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/option/rules/getVideo","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"OPTIONS /api/option/rules/getVideo HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:56 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VlnpGtpQz%2Bz4sN8QhNHQaLl7xfyrUgVdKqq7yf85LbMaba50%2B26awbuYvgKD5heKUgUA4AmBbC4jtbAC%2FLIPY0W3zNQ41I3LkrJXSWPqkQ%2BUofXAwfGnNzF9bWpxYPbO%2FIaBYyM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f381cc90ac776ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T20:35:18.51264Z","times_seen":14440285,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/SetFundForm.vue_vue_type_script_setup_true_lang-lRGlTQd1.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:26:00.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/SetFundForm.vue_vue_type_script_setup_true_lang-lRGlTQd1.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:26:00 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-a71\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L7XYANHccbZ4Y%2BslmvgEc88Xy5d9Xpjfl2hQkjUjrxKw8H5ZuBoID714D0yAwAv9avfA6XuZYK4IOD4%2FKSQASLnMHU3PZTgaNiu%2BlarnbSBb3rlpaj2%2F7VU%2B7g0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cdf7d7e0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2673,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2672)","md5":"8b3cfd153907ef3c30d1ef160ef45fef","sha1":"13ccb25d2edfdef0edd9d2c96971bb459ae61119","sha256":"509ebe109f6b1e25530a9dbe4947a2cd228e82ff583a9010696b7a513807265b","sha512":"907053ff19210cf84e5c675fe553696751e0af48a9e6ca0b1a60cd1e2145443a98cd50f33ff7949532c3c752e4ed8fa48dc6f0dd9f212832a918c75427e799e1","ssdeep":"","tlshash":"1651340d24b2ceff26c3a238224e6164e0c87fcfdb309755b66d447226c99f52619a55","first_seen":"2026-04-28T18:21:41.03452Z","last_seen":"2026-04-28T19:31:57.527777Z","times_seen":6,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Login-B_SJkevf.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Login-B_SJkevf.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69edb8e1-e5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zJ19HFvchleZj%2BaaelyJrB0W8qCwGw5l46kcX6fsip7z68PcTL5547QGgovrz%2BRFueg97PpbDMdKEssz4qnRFS4JGij%2F8JD0rqdZx7W%2FuVJXEqsnaaWhEUgOyUw%3D\"}]}\r\ncf-ray: 9f381cd7fd110b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":229,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bae627bf13d569007ee014e7d11dd7c6","sha1":"b4351e257b02d016d18e9dfffa5a140f2fdbf144","sha256":"aed61187cbecb64a4b81f27208a0f93dda0961b46cb91cb6d6519def51cee05c","sha512":"77784ddbb35fadd017a3fa5b153e82e690d61dc49e698369fa33cc6bf98bbb84f9607b94cdf6a645096fe5fb32e957e6d9a46017fc2a5303a1146275a1a1e738","ssdeep":"","tlshash":"89d0c904755e142189b7866058d1c9980aaaa3d3363b88a833c356cf6f8325a642f5c7","first_seen":"2025-08-26T17:46:37.226419Z","last_seen":"2026-04-28T19:33:27.088177Z","times_seen":50,"resource_available":false,"data":null}},"time_used":601,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":601,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/common/getCoinSecondList","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"OPTIONS /api/common/getCoinSecondList HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:25:54 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kMVQuZzUthclD1%2FlJ7FUxmt9DuOnZGbZLpWaEeTtLoYVR%2BWv3cg2PxqpLz%2FGembsN%2FmwXLRXMc826Mj44xaXJsX9YnnMV8hVw3Id%2FDzfTcyHJ1rk4ZhYG%2FtcZHLkvSb9iMXOdt0%3D\"}]}\r\ncf-ray: 9f381cbd3c9b56a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T20:35:18.51264Z","times_seen":14440285,"resource_available":true,"data":null}},"time_used":336,"timings":{"blocked":61,"dns":1,"connect":1,"send":0,"wait":196,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/common/getUserCoin","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"OPTIONS /api/common/getUserCoin HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:25:54 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H9sJG0G%2BJpwu8YCNRDK%2BQS9v0QTJFsU%2B31yqpAC6UKWNivRDVZaXjSJd2pCYwKyumVrLlvszgfmS%2FlLpgGGPt1DMMxT2tgg4Vl54RBVgPMfVLDsBPlLCv7xodo9u2fn0IcG7XwI%3D\"}]}\r\ncf-ray: 9f381cbd4ca756a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T20:35:18.51264Z","times_seen":14440285,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":56,"dns":0,"connect":8,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/LTC.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/LTC.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:25:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 34858\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FBB58B904430320FF5A2\r\nAccept-Ranges: bytes\r\nETag: \"BB27C369A3AA54D9C1F8E59E1706DA48\"\r\nLast-Modified: Tue, 22 Oct 2024 11:42:58 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2593469271640333430\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: uyfDaaOqVNnB+OWeFwbaSA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":34858,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"bb27c369a3aa54d9c1f8e59e1706da48","sha1":"7e1b9677305cad40b686a5a1077da57c4f6cf07f","sha256":"e691621963c6de60c05c0e91cf7c65cba4191df054a3b1bd5becbef3a426f9ee","sha512":"4ff3058897ecbcee5464eb954955cc40bad7f411ee86f21dcbebe3d02ee45410b42f68c8e3a22537ef530c65c9bc9960fb36134aeced2dd36688a21c0cb02415","ssdeep":"768:FAbT/SSUokJQD9Wvnwoo2hzabJIqRw/VH3+WFxL1nHLy:G/RU4yni2kKl53+WbBLy","tlshash":"3df2f155ed69527406b90571846e302ca4669a7ebdceb11bffbd67302b3246f008e06e","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-04-30T14:43:21.619001Z","times_seen":591,"resource_available":false,"data":null}},"time_used":1332,"timings":{"blocked":1048,"dns":0,"connect":0,"send":0,"wait":270,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/index-EIHkOClp.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/index-EIHkOClp.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-b4b\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VB1BIVgfW137q3%2Bku1HHvoVrpANW2FSCO3u2loKqCuE7Pk%2FNLsBIGGzPMJhdXZQyhA8EDvzSRYTXjUHNu7xQEBjGEBayWEcOLwnkhdSwzwMpPfHTqI09ePptpHE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd83d1a0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2891,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2890)","md5":"e2b71aaebb70e9b9a075538d0128b339","sha1":"d90b32889e7723efe1ee56f5c0118a45e31e6d2a","sha256":"1aed0258b2de3fd4ba4a2a34ffa712c6d042a2c392dfcc99ae702f4497b003f4","sha512":"18090fe93699109079a5093e809991bfe165954b651f7dee5b66b65173ae4ae1720c469c7ab49cf484140219250698a1c44459b031f956d55c7c41925da1aa46","ssdeep":"","tlshash":"e5515424b86841f79f7b936060e0470ca93d72d3df5627bd6bad11142bcbbe42ca2404","first_seen":"2026-04-28T09:02:56.135178Z","last_seen":"2026-04-28T19:33:27.088644Z","times_seen":11,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/loan-DF3MCu-C.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:26:00.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/loan-DF3MCu-C.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:26:00 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69edb8e1-244\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Otek04qcTARrSw%2BpJjr%2F6qahN57gHcWdIdhB7s2TAWWdMIE%2FW4hHHXhgUDxZqCqGIeMRXizCUxfrX4tOxAl9%2BvED%2FSXSHhTtwbR71NE3198vmzTvDyOUuYUSXjQ%3D\"}]}\r\ncf-ray: 9f381cdf7d7d0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":580,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (579)","md5":"ddf7d04a79d3e54b130a1a1613028354","sha1":"373af051d949659162d117d3020081816e54fb4b","sha256":"c23235cce4eee55b13caf5ce5773eb32d168d7039fb925673c2292636f71bc25","sha512":"b93af40231906af5b637f6344c19a1de94c54a4325ddc8748c2d0b27de063109f4d181183897c2e481c586e604a61272f89d23ab5d8aa3afd2aca134886f1bf0","ssdeep":"","tlshash":"cdf04cd6fd079a7f9135d23530923d02b43b9634def614702f16d4278b2c0c82717940","first_seen":"2026-04-28T18:21:41.053552Z","last_seen":"2026-04-28T19:31:57.630552Z","times_seen":6,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/cssCalculate-VX7BHKki.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/cssCalculate-VX7BHKki.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69edb8e1-31a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cfud5fYBOhtkkn5IfFKyu9lLrWLFo8NCSSfPr7LR5VcDsRdQMXfMWfRGuRgcMa%2Bq%2Bo1JpQev8lYp2iEGDZEzN%2BV3Anf%2BoHxLKIO1bhwSyBKb9G9fzErY9O1G%2FRY%3D\"}]}\r\ncf-ray: 9f381cc2bc000b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":794,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (793)","md5":"ce1a07f3d01ae4d3c15e0cc917158e4b","sha1":"72e2d8f92457931b3d813da969a71e786145dbf2","sha256":"128b5f4b42990b1b3f0ce0bad5af90e879b0941179991f2cac53531df662242d","sha512":"39bd9ec377569325f9d9ba3e34df028217f8a162adc827f8f86b06ed40fb228105cb5f94e6a2f4dd8e5bb22128062e38570a84984e777c219bf8b087ff185b78","ssdeep":"","tlshash":"68018ef8a5c1def79b4b563b0e6c492c718c5680ea1f82c2d72ca0207b402ecb132590","first_seen":"2026-04-28T09:02:56.142354Z","last_seen":"2026-04-28T19:33:27.07658Z","times_seen":11,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/index-bg2-DH3H8kTp.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/index-bg2-DH3H8kTp.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-415bf\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WkIr7KxgjNnS1%2FDXLAVRL69J%2BL4msJ%2F7%2BMOE5qg1gl1rEXHVF04kAEMkpesYuxHPMP8xTQ%2BhCXakJ6uocMLcAf98oIbppix6a%2BebwKYhNLajWfZozphbVxDd2kY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8ec680b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267711,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 734, 8-bit colormap, non-interlaced","md5":"4e2ceadc2a00a7055f2d30b675301f2a","sha1":"23544a569e9f2129980acabcdef51b8c225117dd","sha256":"0113b32c782902d3f6c16a832653c99172ac40d17a454ec621e4366ef56cc280","sha512":"3c70550b3a9821a4b962341fd0cf08bacdabfdebe7eaf65a77946211a78701d72c5a8e321e24bca94be9634c4af66deab691317d98709587f23b5efb556b3d5e","ssdeep":"6144:fHeZ8M1KxbmeW02HluhfdZ9de39D3Jly1ZBWIUL:fHeK9xTWVu5lul3JM1ZBWIUL","tlshash":"b344230c360554c3edf7d874b31cdbfadd9b3cbf249d8528a672a36a4aa502c15c99c0","first_seen":"2025-08-26T17:46:37.264725Z","last_seen":"2026-04-28T19:33:27.098458Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1317,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":759,"receive":558,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-BDNalPlv.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/index-BDNalPlv.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-2a457\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8k1xczbWDuGDEtXGzsVQJhDvA%2FMj1Zh4AzS4FEVRGDH5mai9DLuvzR3WLfK8tN5nQgZPdYDIU7%2FT0zbLrxE3AhHl%2B0plz%2BQBxQHJjCB741ZsziDsftUcTPLdN%2Bc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc11bea0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173143,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"1b89a06d58d01ba93f988507af24066f","sha1":"7c263b4489a4e742c3bce9db416fc6c45b99fb9a","sha256":"139273777b995f60d5b22ebb4d425dc9b1e682f3606456b557f3fb1c99d76d07","sha512":"24d04eb5457ae7e061420dae2c204266e905c9bdd432c24d2643af9fa19cc4566c96b889e7c16dc3e617918fc37352403ce7356940d728d04e49db097ca1ac1f","ssdeep":"1536:69RhWl5TRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8n/:sRk5jTG8ralELZFOUnusSQilqw7ShHTh","tlshash":"af048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","first_seen":"2026-04-28T18:21:41.025411Z","last_seen":"2026-04-28T19:31:57.532223Z","times_seen":6,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/common/getCoinContractList","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"POST /api/common/getCoinContractList HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:56 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TQFXrOEroTLMoWgeHKTRArJHlQQXpYUOc9%2FXWC44jcgqmR2TON7wsAKYku%2Fd1kXfops3hRI9V6qBes6fcYxSjr%2BtpjDrQUivcJJLUTk%2FNXeyqdRXMB5sKjSxxcWEUVf6mBzFouQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc4a9aa76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":83344,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (64856), with no line terminators","md5":"77d9c365c492f98335489a0bd6063d73","sha1":"cf3b4064e1716e0bce29ddb00e0c851128b49743","sha256":"36ec12ceb04e8102cdf19039f327d115c9d4c4df4abd22a9cda4c027eca5540f","sha512":"d8e0588fa6b5d2a290474c40e03342ed13c2436e8418bd301113070d6f5ac231bc2cbea4b67095c39afeaeef271db71cf0903f1c462de45036e1b592329df856","ssdeep":"192:mWXTg3XzX0XnHXUXX47XgHX9vYXCDXMXmWXjWXQWXYWXeWXkWXxWX3WXMrWXXWXA:g4RzPGeYVp//CNY","tlshash":"9d83ac45163865fdc730e0d42f2b790652ac35efadca4c2ac6de8ddc4ad4af26709e06","first_seen":"2026-04-28T18:26:26.034243Z","last_seen":"2026-04-28T18:26:26.034243Z","times_seen":1,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":0,"dns":1,"connect":0,"send":0,"wait":523,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/Low_5-CMIV401Y.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/Low_5-CMIV401Y.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-142d\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UIMu1%2FODMRr1hv0YMBDwi%2BNgYKDIEgnfwD8HUZeqiAnzCKffdxNUJla5zoUkIdroJVhnoA2YS1VYJuDCR9ChTOAm0Tkwb95Zu0Wxga8DD2OVOXJAGev8w%2FQAGY4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8bc600b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5165,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"8c29098b3d0e9ab466eb1881954e3d7a","sha1":"c8ff881fad14961afc827512e7aa876786992750","sha256":"d4a27de602d5c456720fad40a77b4deab49b1e79572473f835ebaa045d8d6a50","sha512":"f4f0843eed3363e5fa1723ea594014e7996b084db145b0441c9b4de081841b3b07518517424adfc1b8e35a0e2fe092f43ab261aac4b39fe2a0c0a2a8c673262b","ssdeep":"96:4SAnqpFPEsnjf4nxVqQpsje9GE2nBU2Jhe+W/WD7Y4kbPJdymXr:4SAGzMnxVGg5Qh9D040xdysr","tlshash":"04b17cd73931c365649dc920bdceb4c3c42f6038729631b90b74ed52c86b804919bf69","first_seen":"2025-08-26T17:46:37.22518Z","last_seen":"2026-04-28T19:33:27.10969Z","times_seen":65,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":555,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:56 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Aw3JG4cIUEgpM%2BNXNq1gbHTHo558pMOD5%2FozqwRriyd38nJT8RQHTn6XXv%2BOWaUuRQDyJt2LGmz8tsKiloqSbhPVS7RUhiRKTbrMUMuz76QEsVDohbvhT12d6SN3x%2BQa%2FsJeLEE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f381cc90ac376ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T20:35:18.51264Z","times_seen":14440285,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/assets/style/css/chatStyle.css?v=1777400756831","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:57.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vip-cservice.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 03:55:20 GMT","end":"Sun, 12 Jul 2026 03:55:19 GMT"},"fingerprint":{"sha1":"70:AD:9B:85:F7:23:F3:E9:2B:B9:45:E1:ED:B5:7F:59:66:D0:A8:3F","sha256":"56:74:48:8E:C8:62:AB:54:11:1A:5A:19:3B:69:28:EE:A0:49:7F:0E:30:DB:25:6C:9C:BC:38:2A:34:BD:BA:D0"}}},"request":{"raw":"GET /assets/style/css/chatStyle.css?v=1777400756831 HTTP/1.1\r\nHost: vip-cservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:25:58 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Mon, 27 Oct 2025 16:46:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ffa1e0-b303\"\r\nexpires: Wed, 29 Apr 2026 06:25:58 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wYleCPv%2FvozC1IuxaprR1KqYBXepo6SoIflxTuF%2Bktk27lQnMKs54GQ%2Bif5QULGhG9arDUsoGVJUgb82VjLRtff7XJbq24ww3zDj3BXjMovjbcz6V7%2BR0xBNo1fm9YNqNZGf\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd16f1c56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45827,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (1414), with CRLF line terminators","md5":"7f04d716a07903513dd26bdc041cded9","sha1":"87cc4821c93b3691c2cc6ed6c07504f9c5030d5d","sha256":"eca5ab3a8577e84adaf245950a20cb525d5c762c14576671dbcdfc9a46de476d","sha512":"f4a86fb88cfef3906b7debb45e8d4d02a58f4afbb14ff8479e630c3f8c84f97be7d3996d3e399f29498f31066c28fb7a63d8a83e00bc151686e434bf796cd0a5","ssdeep":"768:b8hjh3T4m4G4/4y738BY8+kJYcJHJlxGSndLcR4xhQ14YYi631N8VNi3rdwLcKda:Izr9l","tlshash":"b423433ceb65218da123b4a9bff16be5af514013df0b06a5b5f17a38c2504bd39712d8","first_seen":"2025-11-30T14:17:39.779365Z","last_seen":"2026-04-28T19:45:58.072469Z","times_seen":80,"resource_available":false,"data":null}},"time_used":825,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":818,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/Register-AGXhV3l3.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/Register-AGXhV3l3.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-47f6\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NwFo9%2BHC5G%2BzNBGrxSrrCps5M9cEg8d7KlvmvctsR81OGRpeZ9hOlnNwxZkfidk0Ak%2FMw98eiFBBFIb7wyu1DZZHesmeyHKU%2FjPABNxbTC0QTVM76I%2FeXZysR%2Fc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cdc9d520b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18422,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (18416)","md5":"c0418a77a13fc281767ec208ee882cc6","sha1":"f0f26e7f7f09fe5717d52ca5c36201ff94d0c4ce","sha256":"cc0663827813a673b15da0007474841032bc07953bc1630aeee7a8e35f2cb937","sha512":"125e2b731110acecc47e5414a896f8eba5b16fd63594177d6bebd156c7a0708e1615cd9cea91240cfc1a80795d1adc554e9af3b877b4a41f6bb657b6aad31e95","ssdeep":"384:Gfh6uaz8k7mm+rwmeg5bM5MZ5iWajEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792e:Gfhpaok7an5g5s5TUZ5pyVjnjXYn0D91","tlshash":"2b82668cb1519bfaab7b9431f4476930682c4f5fc463c0f6e6e88c35a79ec71a51423a","first_seen":"2026-04-28T18:21:41.042624Z","last_seen":"2026-04-28T19:31:57.572296Z","times_seen":6,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/CookieConsent-B_fcJp-l.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/CookieConsent-B_fcJp-l.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-7fa5\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TIyUH9nMOz1Ix82T735wyDgwI1IdOistlj98R1TDvd1aOSGLCivJlDoQYJ9OiWs0XYq34nry0Pqp7NfDAiLOg7FHoTbtwH0BStGDQKeC3jrL8l0fiez1gDNUC4E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cbd2bba0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32677,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (28844)","md5":"d7e9d064e01d80e5f6e29b6fe4ccdac8","sha1":"420439dd8aa598c188ba14215182d2f615f9f30a","sha256":"c11d3166913738d152b148a2ceda84ce239ae942666ef7df5d6e5d4d2649a8e5","sha512":"8830411b4c6e7fa87913c7f2869ea9c4dc5649b57b6664b15a90f6a45810122f17732d43ac4d2cd7eb22848acffc9f2f38a96abc9d6d0dd38db7e9583ae9ef62","ssdeep":"768:Vf5jwT5ISSBGZo4mrwDS0yIpdmjriD62bnPexJ:4eVsmrwTpdeiuR","tlshash":"f6e25c05e806eeb9d7f31634744a7168a4387fd9c25ac47aa3bd85232bc9f728763314","first_seen":"2026-04-28T18:21:40.995786Z","last_seen":"2026-04-28T19:31:57.576405Z","times_seen":6,"resource_available":true,"data":null}},"time_used":745,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":745,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/common/getCoinContractList","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"OPTIONS /api/common/getCoinContractList HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gqUHtI%2F2fsqA4FEx6rIw0Ol3YYJVLaYTu4B72JMhRzVQNaOe9PcIP2f2LM6NrXhbpEYHzzBAjzB61kGxeG4wgAvNMSJN%2Ba8Lnl6KN3kPvMRuuXxFfndXDDXFT9q%2BdnpCwWTq7Dc%3D\"}]}\r\ncf-ray: 9f381cc36bfd56a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T20:35:18.51264Z","times_seen":14440285,"resource_available":true,"data":null}},"time_used":201,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/BNB.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/BNB.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:25:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 12869\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FBB5B1E8233231337298\r\nAccept-Ranges: bytes\r\nETag: \"A533EECDEE5A789E7D94F8F79F95D588\"\r\nLast-Modified: Tue, 22 Oct 2024 11:43:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 18158548296662870332\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: pTPuze5aeJ59lPj3n5XViA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":12869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"a533eecdee5a789e7d94f8f79f95d588","sha1":"f1ae6df3a9baf6dbec969c6d1ab622850a282895","sha256":"ea257fac91d01858b7dfd0361f8b480caeb3d57b080570ef4b4f41d5d7e68c90","sha512":"e46ca5c2239c89c783805b1f4e17664118e57e95dff6513b8ff917aaaa763b922c6286b48d0e6daca644ae30c3e821674dade74a056837865353b451c50d074b","ssdeep":"192:3GSu8nGgOCcrSaheqQThcTrOcOAasSqXzcxfuZWfWOKJ6mVgCd7mOOwRB0IG:5/POzrSTThcTaPAaFqXzcqG6ekvP0IG","tlshash":"1442bfd83898c3e455233e69d56e4c138122251a66588517f22a2b7dbf03af27fcf1e6","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-04-30T14:43:21.594933Z","times_seen":637,"resource_available":false,"data":null}},"time_used":1943,"timings":{"blocked":828,"dns":1,"connect":276,"send":0,"wait":278,"receive":1,"ssl":556},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/DOGE.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/DOGE.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:25:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 55728\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FBB5E61358343221445E\r\nAccept-Ranges: bytes\r\nETag: \"48384A67185DBDFEEF3AA43C99D3319C\"\r\nLast-Modified: Tue, 22 Oct 2024 12:00:22 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3192987439189544564\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: SDhKZxhdvf7vOqQ8mdMxnA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":55728,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"48384a67185dbdfeef3aa43c99d3319c","sha1":"23e15189bebafbbec8b23e8ed0f3392a9b7979ee","sha256":"1ceba4efa6a645fbe532e520385f37001922e14b6aa7b4ebeb19e755014feb39","sha512":"2f7a13f56ff64b874a76994d00f198c5fc2b7424181935e641eb81bcf171db54fa50b711502c0c4a7e8f5c934ed5747233d87ae0602916244947d3724eb3ce10","ssdeep":"1536:5ko5w6RHlzxqElMwBI6M3iD+oLKTn6EPwhk6g9p6uP5I:x5fR9xjlMGnMSDYLPJ6bOq","tlshash":"0d430247c0529ed2c68853aa0e3de48a84779d12358f80577ce6525a82e2df29bd770f","first_seen":"2023-05-22T05:59:44Z","last_seen":"2026-04-30T10:30:02.833344Z","times_seen":603,"resource_available":false,"data":null}},"time_used":1386,"timings":{"blocked":1078,"dns":0,"connect":0,"send":0,"wait":275,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/Login-CJaDuv44.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/Login-CJaDuv44.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-2d2b\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dHrg4ulAcvKLmAoLJ%2FkEWkWINX3iw7DyeGalmzK3B4S00kl8E3ul5%2BTcGNSb1IIRyi1JOMOUG0VBXNxtXtccrJf%2Fus0GtPWIsosEu0SIbZXN7%2BPif3ej0qkcUuw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd80d120b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11563,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (11556)","md5":"2131fd9e8c14774c657d5d4617005846","sha1":"cf886d3f3dde104cc83a40d58815236d1dc8ff7b","sha256":"21efd98a6c5bada99a5039df8a385bc7a69794755879c679dec1a98418046f92","sha512":"fe7e33697a1c90972829de57b37649a839ffc37a14a9a51f64dda2c1bcdc4881c0a13763db63707ae70ec3fef9f90697d8d6d0825fa05db2e4293aacb9c914ab","ssdeep":"192:5MT3VEYQNzN+dNWNTpknH3caQKkn3ELqKDN/5qxBy+d7PEwjNwzPZdasQWQ5QUgh:5ZYQJIUBoL1Ibp9JyisQWQ5QbDFHiq7H","tlshash":"b532b6c8b511abf99bb30825b6047935b4185f99c067c48ef3f84c317bcacb66a24379","first_seen":"2026-04-28T18:21:41.077914Z","last_seen":"2026-04-28T19:31:57.522997Z","times_seen":6,"resource_available":true,"data":null}},"time_used":589,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":589,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-CNIA2a1D.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/index-CNIA2a1D.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-ba51\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LyxQcB2VkCrwiNCGT80u2gbwb2G%2FBQrYzD80czBcrtscakZj0pA%2BkXt2pedo2tjF226pb9Qltz4j78dRnq9mvKM1soiSoEdryjcGklDYl2x5lqFuCdc4X3pm2aY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd83d200b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47697,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (47696)","md5":"47aa90115bb110957870564106ed5ec0","sha1":"815fc63236bf954ad26278cab4f19ad19567aab3","sha256":"c0d2768d5fb721527dde433a1584a6ced2ed0a8bd6f72c08df6c8abe6b5d1200","sha512":"c144e3968c6ed4c0c11c0b3bf6546f77aae9e3f48c5a05d02fff8b8a682332f7f03c6298c93d15409480718bd8d08464423c6afbaa67788b5ae96b925305a4b2","ssdeep":"768:2w40rUC3AsTTEHfjiJo1DHpIh9RzpsSWGhC19pLln0X3fcUgkKq93:Y0rUmAiGs+19pGn","tlshash":"cc23832cb012cfbe9653193162ad2994e1497feec516c80af1bd18233bc3ff05a56765","first_seen":"2026-04-28T18:21:41.005831Z","last_seen":"2026-04-28T19:31:57.624864Z","times_seen":6,"resource_available":true,"data":null}},"time_used":571,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":571,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-Dh-6raYH.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:26:00.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-Dh-6raYH.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:26:00 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-5e6\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MEiWOufsnPKkTAEkleb6pJJXv6hwL8OxsSNQPDVCAEnwksAGXNfMalGDsNi6S5KPV9eR4NKS%2FYZelr2upXFtGLcJ%2FiK1p0ofSWhOSfVjLB5x5H6BdFZwQMuzwBQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cdf7d760b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1509)","md5":"efd1b099161543abeb15b4c6f3d03b70","sha1":"47abda770b56adf0d8e9d1c816332103a0ae6e0c","sha256":"f55e43ac900c71cf8801f08d55352c7def776a1b1a1cb49e00c41ad0a6c68595","sha512":"9b0fcee1a07721a7ad2e7fe05e0c20cfb3ed5448576c64d28e12f20e0fb38c6af600ff1e8223ab0b7eee3fcb0fb8bbdeb7486baad3a4a37f700c5c28589c1da6","ssdeep":"","tlshash":"5131320d9473cbfc95a391351b4a2168d2947fdeea708bcdf36c14723aca9f2592c640","first_seen":"2026-04-28T18:21:40.977521Z","last_seen":"2026-04-28T19:31:57.641898Z","times_seen":6,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/common/getUserCoin","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"POST /api/common/getUserCoin HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlanguage: en\r\nlang: en\r\nContent-Length: 2\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xAmrcdsBPZ9EextZ6%2FwdB%2BuvVxIwkuh9M2j9FhvlMquz%2FyV1C%2FFOXrcGaxPOmrPUb2rjIngg6MeaMIni%2BXN%2FF%2BHz2Fp0YTVyEhO7bA6oLYVUxffVb85zu6EUe6UTjwR68YdsSFE%3D\"}]}\r\ncf-ray: 9f381cbebe9e56a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":318888,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"b7bb89e6ab8a6c8d2dcd98dcab7ac2bd","sha1":"94cf854ccbc77956b2e5aec9e9073378a4f353f3","sha256":"33e9ab4cd30f5ef960fa4c93a3148f93db68ba08c8d825e51dac26cfe6e771e3","sha512":"a6c0934b4488e5a190f9b5d183299c597c45bb7fdeb293e16782138b7e518ff1b33a26d12ddd7e4fc2ab836ac2b2182a0bbb5e254f2c11f6b1cec915e0c8d8e5","ssdeep":"6144:vbgvpd2fp7gUp7XpHpd2Q7vp6Yp7O2Q2X2m1lsiPbf29eO8O1mOYd/q:f1lsiAL","tlshash":"d664c470dec8d0cac4b58ce65fcbaed56e9a33c367df5cc205a91e004bc263191657aa","first_seen":"2026-04-28T18:21:40.993245Z","last_seen":"2026-04-28T19:31:57.581954Z","times_seen":6,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T18:25:50.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:25:51 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ndA%2BqMFaxNJOLc2P44TaqyQ3Rd9l%2FcuTib1niKyv%2BB%2BvkuuY2B2ppXKQwrE7BaeJfbZsXLbSMTihW3an%2Bf1%2BhKHm65rh4wHPcouINmgGN%2FN1XOPqcjAStm3ukhY%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9f381ca4fd708be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3647,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"15c000cb49000381784f43e3c6808b71","sha1":"a6bf37b4761cc461a7097efffcce1a6a5f5f9daa","sha256":"cc75082b6d859b0ad2dac5cccec328e5636d22dac6bb83fb669eb6dbd6f26895","sha512":"b7085e6ba84b86a07f4312b008636ca1f1eee73d339e97e71f71e78b6a8094ec3945b579c10d5dbd107652c3b14f6b7a349abb9cdcaebec5803d3fe34f8e9e4e","ssdeep":"","tlshash":"f771112386b9c81413a5a33dafe6b1458a365487960d2d6cb84c2e9d4fd1fa086e37f1","first_seen":"2026-04-28T18:21:41.071026Z","last_seen":"2026-04-28T19:31:57.523806Z","times_seen":6,"resource_available":true,"data":null}},"time_used":741,"timings":{"blocked":67,"dns":37,"connect":2,"send":0,"wait":606,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/ForgotPassword-tn0RQdqM.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/ForgotPassword-tn0RQdqM.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: text/css\r\ncontent-length: 0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\netag: \"69edb8e1-0\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9mVKNhsUuE3u66l1Mys5fDkUvCNIQc1n99wFGcxW%2F1idvLIHz0O3xUr9GCmzv%2FG6vv0LQUzQ%2BuY%2BGy8a6HcHH27WDjRwNWpJSt%2B6fc%2F8mJ2M3AvQhLjDCIHdeno%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f381cbd0baf0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T20:35:18.51264Z","times_seen":14440285,"resource_available":true,"data":null}},"time_used":614,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/starslist-YIJi42t6.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/starslist-YIJi42t6.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-569d\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M2nZQB3d10%2BjQvIRCNpiIsVjHsFXMXGW2POF%2F9mT5tZHFOTu00f5Q7g0YulbJ9iOreTPlSxk3KqOloEK6X0hrnBkOiPLkzDnOwufpV1GUeDGI6Te3aqj8hvSyG4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc8bc630b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22173,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2148 x 417, 8-bit/color RGBA, non-interlaced","md5":"78382c82dad9a7dd50655f44fb82f743","sha1":"5cb4a13ba952deeec34e3c4a5f0a1a424efb1cd1","sha256":"3bb15b8fd045ea090c833d5cdce05e097a4f9556f1a74b69232968b505895609","sha512":"f2297ebeeb0a47f59cd03b6b6079b3ad6c54aa1d585416a38ba5220a0a3a34b64a63f70b28460c34739441ba5237dfc5f560adcbdb00cceb83e5508197f687f2","ssdeep":"384:JojM6hkS9bZoCrjbih/rDyNRNMlOuDZ5lxYYWZLesJeDQu:YRN3iZrg3KOoZxqODQu","tlshash":"7ca2c01a9a5eecb1f92cf0313a834d30e9694452bde0c339b542c105feab4bc86b61a5","first_seen":"2024-12-26T23:29:40.083923Z","last_seen":"2026-04-28T19:33:27.075519Z","times_seen":53,"resource_available":false,"data":null}},"time_used":719,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":718,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/Register-AGXhV3l3.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/Register-AGXhV3l3.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-47f6\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VDmn%2FAs%2FDtzik%2F13mio1TZurI1b%2BZ%2BWG%2FLhz7Dwipq4hIhTgbd47Hy6yzQ%2FIWQr3yRNbSIQvcMsOASbNQ3YWRTfnizsnKN0%2F0ggV0kwG0mt0uwTBwFEmWmqoMZw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd80d150b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18422,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (18416)","md5":"c0418a77a13fc281767ec208ee882cc6","sha1":"f0f26e7f7f09fe5717d52ca5c36201ff94d0c4ce","sha256":"cc0663827813a673b15da0007474841032bc07953bc1630aeee7a8e35f2cb937","sha512":"125e2b731110acecc47e5414a896f8eba5b16fd63594177d6bebd156c7a0708e1615cd9cea91240cfc1a80795d1adc554e9af3b877b4a41f6bb657b6aad31e95","ssdeep":"384:Gfh6uaz8k7mm+rwmeg5bM5MZ5iWajEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792e:Gfhpaok7an5g5s5TUZ5pyVjnjXYn0D91","tlshash":"2b82668cb1519bfaab7b9431f4476930682c4f5fc463c0f6e6e88c35a79ec71a51423a","first_seen":"2026-04-28T18:21:41.042624Z","last_seen":"2026-04-28T19:31:57.572296Z","times_seen":6,"resource_available":true,"data":null}},"time_used":613,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":613,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/XRP.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/XRP.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:25:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 2274\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FBB54C8B373430655B1E\r\nAccept-Ranges: bytes\r\nETag: \"674B0999F6083084A2A4B1D8B20F3BC1\"\r\nLast-Modified: Tue, 22 Oct 2024 11:42:52 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2919851811578833622\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Z0sJmfYIMISipLHYsg87wQ==\r\nx-oss-server-time: 5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2274,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"674b0999f6083084a2a4b1d8b20f3bc1","sha1":"8d14a526e83604e323723b4d25f8f8066f1ede70","sha256":"632f9cacb6b3fbedece774a8d27c436f37dc359de3bb0872ea19603b70347708","sha512":"4c04d137c2448c0d52a4298c858f95c58116c1d77e75899f5acdf6bb61ed839dbdc99fd5556eb63793b81258de40e515540acaeab007da76664476c9be2e514f","ssdeep":"","tlshash":"cd414bd7c53300ed9128e735b8c3ee819c00628d183bb46b89f5ec60b2346d31a53a98","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-04-30T14:43:21.583385Z","times_seen":603,"resource_available":false,"data":null}},"time_used":1894,"timings":{"blocked":806,"dns":0,"connect":269,"send":0,"wait":275,"receive":0,"ssl":541},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/dataModify-C6sk-dj3.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/dataModify-C6sk-dj3.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69edb8e1-27b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lp8wsrpwitPsdB1pVYY5XE2FDzfkXByyULeRY2MnPvxHgUHwGSVv9u5GE7o0B%2F5j6oXNjkiUlbkEdHTxC%2Fef54NnCgE76sXcZBbHeg%2BlBxA2%2BDDmXWo837V2%2FGc%3D\"}]}\r\ncf-ray: 9f381cbd0bb30b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (634)","md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-04-28T19:33:27.063821Z","times_seen":47,"resource_available":true,"data":null}},"time_used":541,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":541,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/crypto2-RVLsXywe.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/crypto2-RVLsXywe.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-ddcf\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l3szWuI8cZw0frd66x6tALhPkbrU4ca9VgCkAo8cbFQzHOt4B7paowM8VrE2bNrq4qzzoza8O0MBRmxcIPd7SWPu5S5hDw69kiRdO4KBwGlGoD1MV3tGMYBykTI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc87c510b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56783,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 305, 8-bit/color RGBA, non-interlaced","md5":"8a1eae471f4c0dc21007b86b97b5fd68","sha1":"b1ac51b4dd8a9a255a35326b1e0e3724eee7b431","sha256":"780f1d2b6644b5d7173ac032e83d0bcb58b2d0f8fa81911b15031918f3cb593f","sha512":"decf23d33c7f25185d1ce69a55b7ecfcacc46225c0a6cac3705c8c8666531831edc83b956a8dd0e714b0addf0cfec8e2e9cfd30738b652556ef113d9131bae4e","ssdeep":"1536:Z41T3sxtojtdJlqDe3dBB+5pfT8kbN5ahOaV:Zm3sxWtdzqDe3Dw5ZT/N5ahOK","tlshash":"e543024f4482be71cc64d7813f96923a11967d4afda0b4b08ea7a041cfce4ed72456af","first_seen":"2025-08-26T17:46:37.263184Z","last_seen":"2026-04-28T19:33:27.113238Z","times_seen":68,"resource_available":false,"data":null}},"time_used":912,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":733,"receive":179,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/ETH.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/ETH.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:25:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 9807\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FBB58B90443032EEF3A2\r\nAccept-Ranges: bytes\r\nETag: \"12D9722461759CEFFF02D9076A3D2718\"\r\nLast-Modified: Tue, 22 Oct 2024 11:43:01 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9445008190181339835\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: EtlyJGF1nO//AtkHaj0nGA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":9807,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"12d9722461759cefff02d9076a3d2718","sha1":"6b763fea0b17257a36b90c465593e1629aee0564","sha256":"af89450e1873196692af0d9d4d0c03218b4be8091171b9d8f7349298d4e82586","sha512":"8eb0f616162be914a3945fb383250796e1134da22e8ae612f403f28804ac04b7fd0f607e132403dc28505d80377c9281601cb23ef1f0814e08584428f3efa05f","ssdeep":"192:4V3ZO9Gxo9H+wp5qh6BKfMPaB2kXTfwoVqO2Rzhj7TfhBcHEhaI9yLKKD:4V4GxoYwp5wQKfMP6LXT7V+RzhzncpLb","tlshash":"7112bf66ab39a301d66d2bbe5cc59302db15ad10dfe14a3fcb840980370c6f9de5a6c4","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-04-30T14:43:21.59412Z","times_seen":570,"resource_available":false,"data":null}},"time_used":1805,"timings":{"blocked":771,"dns":0,"connect":256,"send":0,"wait":258,"receive":0,"ssl":516},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.oba97is.com/api/option/rules/getVideo","fqdn":"webapi.oba97is.com","domain":"oba97is.com","tld":"com"},"ip":{"addr":"104.21.12.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oba97is.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 21:50:05 GMT","end":"Sun, 31 May 2026 22:48:38 GMT"},"fingerprint":{"sha1":"E1:8E:87:FF:58:AE:4C:87:19:35:FF:89:02:31:AA:36:B2:E0:1B:E7","sha256":"BC:17:47:99:84:37:35:95:34:46:D0:B9:7E:BB:B9:81:A3:93:F7:63:90:F1:E7:69:13:CB:5D:12:58:28:9E:4D"}}},"request":{"raw":"GET /api/option/rules/getVideo HTTP/1.1\r\nHost: webapi.oba97is.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://obais.vip\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pD0qb%2FNGtqbXlI%2F1bdNJcQPzD5KZMArkLEljimGBOqujzj%2F%2FmpYTZFwaWSC3CZB2brzatj%2BqCPw2uhkZNbPYLzz%2F5HqAAMuevHGO435Ba16aWb4rpblHBS7Jo3ndKLHPTPOPSkk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cca4b3776ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"81ae7b078049a2219423ceba1954d734","sha1":"2cb328ea394c7763c33c127e3d5a03c2448b35d2","sha256":"3d08f73fd242a824c195d98c511c116d537c56670dccdcb6973f8e330d88bbf6","sha512":"098ba5c9515986f67bbec970e534f91f1d3d5270ae726eb215645bfbaf6c7337fe42aaa7c8c9b374740fbcbf22e4507122d44b6691f74f1c05447f9a2d6ef455","ssdeep":"","tlshash":"318004311c0cdc43740334cd4107474010d4305057300310cc5c5134c7041747441c54","first_seen":"2023-11-15T10:07:01Z","last_seen":"2026-04-28T19:45:58.082295Z","times_seen":60,"resource_available":false,"data":null}},"time_used":391,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":391,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-C6fM29mK.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/index-C6fM29mK.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-524fb\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=abnrRyIR4DteKlRdyONwGD5G6dYHVfHF8%2BneqQKgBM3uvTGBeiWFi8P1jEnQc4veYalza6mQpII7mIVNFR2jsNOQDdyk61rgXBN2vULcHqmW6glmRCV0w8cPZOs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cdbfd500b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":337147,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29586)","md5":"374f015fa8429f0e37915993b4d324ca","sha1":"7b9e7a16fbca70af3ed5b50e5c7bc61536a0b8a6","sha256":"04f6a529ce2ec38fcce205df45ff45404003b1eb16c7139b5c63a7787786ec90","sha512":"192280226e105e7c7d245bbeb7e4defdbd16e874b20d4ad4f0e69904dc3bbbb859806d14501b2d94dbf23fc33e04b8f393128608a2f87e3fcbcd7bf1ace73b84","ssdeep":"6144:2CIIxjxeOb8RhWxM4e5usAdBDt27Y+jYFrBPW/5khijm7L0OYm+mKzFw0T3iTTvi:hIExeOoRhWxM4e5uswBDt2M+jYtBPW/l","tlshash":"3f641a847212b27a83f305a2543e4405e2257f88b507c4ddf1fc4cdb3e9ae9665abb78","first_seen":"2026-04-28T18:21:41.019507Z","last_seen":"2026-04-28T19:31:57.543827Z","times_seen":6,"resource_available":true,"data":null}},"time_used":482,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":130,"receive":352,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/login-bg-CtTnvaIr.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/login-bg-CtTnvaIr.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69edb8e1-5b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S3fxEBjHeczdoxhDPm0hMZX5ELRqElWZjFLu2G2%2BtVQIW3JnfJOSKuwjpq1ks5H5OBQWcIQzK2%2B%2BRuECWE6zrfehbOvcmxYhjvO6vIYVPoTsb94uqi8NLj8j7ZQ%3D\"}]}\r\ncf-ray: 9f381cdcbd540b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-04-28T19:33:27.06176Z","times_seen":50,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/index-B4CX758G.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/index-B4CX758G.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-22b8\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RhsEWbcakLksLsYg0k4LehyH%2FwA1p14RZtHzsDG%2BHUOc3nK4qE9AACoVNWG%2By4bO1r4L%2B2RnTW0ulQICuZa5LCgnFs9ly7DHLO%2BIEsEq1wpzFKI%2FCSJXsyfbvgQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cbd0bb40b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8888,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8887)","md5":"365152d1a172a0dee690e108c0e563d9","sha1":"19387e4993b29c4ed320a2b31b0d33fea2606df3","sha256":"249b413b72e45131c9a2d1360e03b90ea3b11bd380bdd877b5ab6c99fc9694b4","sha512":"838b657752953eb242073129b94d1fb5fb8f2a74e112c99ca25f34ed39e5301c9835c5d07cc4c0a16673293e84acae267d61e61bba5a77848da0a44c2a8efebf","ssdeep":"192:fpKymUJbiKnehJTJdKSme+jeH1Zpbw7GHKY:fpK/UbehJFdKW+SVZpbXKY","tlshash":"bf02b630a3181c27a277cf155694e6fc5e64a123cbf7091ce2406e28dbfa5f4122eac6","first_seen":"2026-01-30T06:58:07.052438Z","last_seen":"2026-04-28T19:33:27.105893Z","times_seen":47,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":562,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/cssCalculate-VX7BHKki.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/cssCalculate-VX7BHKki.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69edb8e1-31a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VqGDPc0E966zNRrEw0qRD0BhiyTE2Z%2FFrZzB0DNeVP91geKQkvUciF6uu4nNPAlNV2w2fyz9h5NTQdxc%2BpuwM0RWfYBum9RGsQ5yAVZpZVxD6DcGNJq57ro2mtk%3D\"}]}\r\ncf-ray: 9f381cbd0bb60b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":794,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (793)","md5":"ce1a07f3d01ae4d3c15e0cc917158e4b","sha1":"72e2d8f92457931b3d813da969a71e786145dbf2","sha256":"128b5f4b42990b1b3f0ce0bad5af90e879b0941179991f2cac53531df662242d","sha512":"39bd9ec377569325f9d9ba3e34df028217f8a162adc827f8f86b06ed40fb228105cb5f94e6a2f4dd8e5bb22128062e38570a84984e777c219bf8b087ff185b78","ssdeep":"","tlshash":"68018ef8a5c1def79b4b563b0e6c492c718c5680ea1f82c2d72ca0207b402ecb132590","first_seen":"2026-04-28T09:02:56.142354Z","last_seen":"2026-04-28T19:33:27.07658Z","times_seen":11,"resource_available":true,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":566,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.06d6cc76a0524456eb65ea7fb74d0caf5.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.06d6cc76a0524456eb65ea7fb74d0caf5.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:25:57 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 398072\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FBB54C8B3734308C5C1E\r\nAccept-Ranges: bytes\r\nETag: \"E3CE01CA89A13A2725D2F0EE19ABD3A3\"\r\nLast-Modified: Wed, 05 Nov 2025 15:15:18 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2556563783193488817\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 484ByomhOicl0vDuGavTow==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":398072,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5000 x 5000, 8-bit/color RGBA, non-interlaced","md5":"e3ce01ca89a13a2725d2f0ee19abd3a3","sha1":"d97468ce626f0fa136c5dbb8a8dba2ec1fdf3585","sha256":"30aad1ca0af5dc551f9e3f6708c10647d0082313e97fae485081cbec0ad211f1","sha512":"f400d83712adea2c252d5e614c900219047a0ee72c936a3f17ba134eb051bfd44805fc4254c49de0a5ab5651a2e6ebf32e85c4c9bdb572fadf9663cf1876c0e2","ssdeep":"6144:ziVRVlMcUcx+0IGFyOKFS62oh4rJGmwXCFXxPtSC9iJq/3/6pd6WJ2hUHsD:kTaUmGsPXiwXIPtSEUdaD","tlshash":"3784d0915d228dccfb176fb898a95f4d77700e7402266b8b27b0f8391d8f44eb14b5a8","first_seen":"2026-04-28T18:21:41.039259Z","last_seen":"2026-04-28T19:31:57.623619Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2464,"timings":{"blocked":1315,"dns":0,"connect":0,"send":0,"wait":279,"receive":870,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_diy_mm67mqqq.js?v=1782321660","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vip-cservice.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 03:55:20 GMT","end":"Sun, 12 Jul 2026 03:55:19 GMT"},"fingerprint":{"sha1":"70:AD:9B:85:F7:23:F3:E9:2B:B9:45:E1:ED:B5:7F:59:66:D0:A8:3F","sha256":"56:74:48:8E:C8:62:AB:54:11:1A:5A:19:3B:69:28:EE:A0:49:7F:0E:30:DB:25:6C:9C:BC:38:2A:34:BD:BA:D0"}}},"request":{"raw":"GET /js/ai_service_diy_mm67mqqq.js?v=1782321660 HTTP/1.1\r\nHost: vip-cservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:25:56 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 13 Apr 2026 05:10:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dc7ab0-71a\"\r\nexpires: Wed, 29 Apr 2026 06:21:05 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 291\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rBI4xV7BiocxRa7RkILh%2FpK2HT88LI%2F%2B70ZCLi7eIdzikVdmqwUZuHjUUo57BWdNtIjf6KhcJrZHme0WLv5WVmM4lnLAWa2hpkRjQCU9Xfresq2UJLwzo0hvfINOCEJ%2FVklb\"}]}\r\ncf-ray: 9f381cc9eb04b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1818,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"ba54f98d5aebdb5efaca94c8bdd5a31f","sha1":"ccbe0797f816b18b83db680bcfcb57b640bb114c","sha256":"18704aa6eb91ab89c04a3fe62a70db437bec4ff55fa77e58efc220de58ca8553","sha512":"4569cffc43bc8cadaab3af3e443975289d36ec5ab092e8c6b165e1384227aea66dbc27add8c9a75fc8029d0bfff810f38054ffdd26032468f324f48bfd9cb37e","ssdeep":"","tlshash":"2831bb525e99c5721932322a8b3ba228fb311b031901ae033efe57009f31e85aa65ec5","first_seen":"2026-04-28T18:21:41.051103Z","last_seen":"2026-04-28T19:31:57.585302Z","times_seen":6,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":22,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/CreateOrderModal-De4MFw1c.css","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/CreateOrderModal-De4MFw1c.css HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69edb8e1-380\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e3bhNQZpOJVMWmFoItyyQG7DJYk3vZYmPgjnOyTBAJPIDq%2BRli%2FzEbDg2L0c1wuf3SDhhAGlgwMf6izYzqeJbs5x81dbNB5nCVVkN7uQl2f9tFMfVhZyOQMCY%2FU%3D\"}]}\r\ncf-ray: 9f381cd82d190b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":896,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (895)","md5":"cbd343f17246767930d7cdc3a31afc75","sha1":"53f07e27207566ac0bff5087541d29ae88dbf93f","sha256":"50a406ccd97ba1abd8bb250ed95633f2aa6335867512902988da8148ec9a8544","sha512":"e90f43111a41600d98e32838e6f26b63835956482970cf9a0e3e05c3110a5055883c9be8c00d7adee72d237f900fa332beffac4a3b6e420a6a010b1a558a7036","ssdeep":"","tlshash":"0911365b7088a73f5c3bdba000a6a01e1262ff5b8c2113d50aea5193c99fee76512244","first_seen":"2026-01-30T06:58:07.103163Z","last_seen":"2026-04-28T19:33:27.112677Z","times_seen":47,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/loan-DF3MCu-C.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/loan-DF3MCu-C.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69edb8e1-244\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RyASsSgbbG3%2Fx6IBcs6MwX1njU6d0RDpBXibxN8%2Fz0syO2wS8YDBG8EyskxdvW0ZHFMLVOIe%2F9u%2B4a%2BELBYYyQIs82iO1o5WwYrDCSpF37U3xkYlLd8Nk1QLvDw%3D\"}]}\r\ncf-ray: 9f381cd83d1f0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":580,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (579)","md5":"ddf7d04a79d3e54b130a1a1613028354","sha1":"373af051d949659162d117d3020081816e54fb4b","sha256":"c23235cce4eee55b13caf5ce5773eb32d168d7039fb925673c2292636f71bc25","sha512":"b93af40231906af5b637f6344c19a1de94c54a4325ddc8748c2d0b27de063109f4d181183897c2e481c586e604a61272f89d23ab5d8aa3afd2aca134886f1bf0","ssdeep":"","tlshash":"cdf04cd6fd079a7f9135d23530923d02b43b9634def614702f16d4278b2c0c82717940","first_seen":"2026-04-28T18:21:41.053552Z","last_seen":"2026-04-28T19:31:57.630552Z","times_seen":6,"resource_available":true,"data":null}},"time_used":563,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":563,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/filters-DMioBfPm.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:59.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/filters-DMioBfPm.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-416\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dbt5huAEORa%2FDuVDs82S7jOKwRWwvmBs5SVMZ1lWnVEm6hP%2Fr9b6kq3d8ClyYn9oIhTPmfN6L%2FYJgVfyarxLDPyqpkN9d0f0ppvmIaIWt9caxfPDAKc%2BNUJm9KI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cd83d220b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1046,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1045)","md5":"8e54e10a264e5f1961425fea054079c2","sha1":"c129139d07eb9f706189ed0b9d3492b5ed5a8fb3","sha256":"da335758cf42618d7a30d361a1be6005b34496197db61d0f4a151f8e2b6ef046","sha512":"66b760ba37029bf850c9f06d10e10aea133dd761181b9880a0adc5fc04a1ea570a2f91727935b51c5fae975b6a71ece790e754822037d741af39c24597148ddb","ssdeep":"","tlshash":"1f118ba995c6c67b02fb88c8514d418768e87f7cb00e4b62bd64f11635a1090f4ba393","first_seen":"2026-04-28T18:21:41.01389Z","last_seen":"2026-04-28T19:31:57.600315Z","times_seen":6,"resource_available":true,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/index-CNIA2a1D.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:26:00.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/index-CNIA2a1D.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:26:00 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-ba51\"\r\nexpires: Wed, 29 Apr 2026 06:25:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VoEfuTpfgxQwnuQKNtlp7WHnJ4UIO%2B1T0Q2UjJXAl68ayI9FFk%2B3QIOMZT29e3klbREXO8JRvG0X5PQ90euJBW%2Ba5nCydXHzyL%2B8dyu4UP4AdOvwjJSPjVwVqb4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cdf7d790b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47697,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (47696)","md5":"47aa90115bb110957870564106ed5ec0","sha1":"815fc63236bf954ad26278cab4f19ad19567aab3","sha256":"c0d2768d5fb721527dde433a1584a6ced2ed0a8bd6f72c08df6c8abe6b5d1200","sha512":"c144e3968c6ed4c0c11c0b3bf6546f77aae9e3f48c5a05d02fff8b8a682332f7f03c6298c93d15409480718bd8d08464423c6afbaa67788b5ae96b925305a4b2","ssdeep":"768:2w40rUC3AsTTEHfjiJo1DHpIh9RzpsSWGhC19pLln0X3fcUgkKq93:Y0rUmAiGs+19pGn","tlshash":"cc23832cb012cfbe9653193162ad2994e1497feec516c80af1bd18233bc3ff05a56765","first_seen":"2026-04-28T18:21:41.005831Z","last_seen":"2026-04-28T19:31:57.624864Z","times_seen":6,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.06d6cc76a0524456eb65ea7fb74d0caf5.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.06d6cc76a0524456eb65ea7fb74d0caf5.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://obais.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:25:56 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 398072\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FBB4BC6A5B363129883B\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST\r\nAccess-Control-Max-Age: 0\r\nAccept-Ranges: bytes\r\nETag: \"E3CE01CA89A13A2725D2F0EE19ABD3A3\"\r\nLast-Modified: Wed, 05 Nov 2025 15:15:18 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2556563783193488817\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 484ByomhOicl0vDuGavTow==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":398072,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 5000 x 5000, 8-bit/color RGBA, non-interlaced","md5":"e3ce01ca89a13a2725d2f0ee19abd3a3","sha1":"d97468ce626f0fa136c5dbb8a8dba2ec1fdf3585","sha256":"30aad1ca0af5dc551f9e3f6708c10647d0082313e97fae485081cbec0ad211f1","sha512":"f400d83712adea2c252d5e614c900219047a0ee72c936a3f17ba134eb051bfd44805fc4254c49de0a5ab5651a2e6ebf32e85c4c9bdb572fadf9663cf1876c0e2","ssdeep":"6144:ziVRVlMcUcx+0IGFyOKFS62oh4rJGmwXCFXxPtSC9iJq/3/6pd6WJ2hUHsD:kTaUmGsPXiwXIPtSEUdaD","tlshash":"3784d0915d228dccfb176fb898a95f4d77700e7402266b8b27b0f8391d8f44eb14b5a8","first_seen":"2026-04-28T18:21:41.039259Z","last_seen":"2026-04-28T19:31:57.623619Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2810,"timings":{"blocked":827,"dns":1,"connect":273,"send":0,"wait":276,"receive":880,"ssl":550},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/remixicon-BVvFtaex.woff2?t=1734404658139","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/remixicon-BVvFtaex.woff2?t=1734404658139 HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://obais.vip/assets/index-D_5Uqi88.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 176812\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\netag: \"69edb8e1-2b2ac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HXvKi1CySTIfeHzefweGyfgbFPaxU1SsFrACJ1AwqK2Sso37NekwE1qwxvA0GBCTThgWNw5CW4CLDzYMrgafpS7T5FyYRfjM9PJw%2FJOnmoc%2FYidDaKrZsCefTHg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f381cc91c6d0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":176812,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 176812, version 1.0","md5":"9f0118b43f57fc3ea9f55bbfb3a3b185","sha1":"f3ec7500bd2c615bba2de885d46bcaa91c20aa9b","sha256":"7ea90bbc7c505b98dd7d3a089a6fa32067e353150192951cedb05e26820936cf","sha512":"6a17cdb1c39d1638a2e69ac8c9cf15229d9f64ce9026965dd8e8878700994fd1db65f21be31e18a49ec36e0b0ca522d05ab7f3884b21a022d9ccde9795d0baab","ssdeep":"3072:8oI+omjEjOiEHbaa4yYDtZimTAj2QdJohF8EBGWXsL1u:8r+5baa4yYRTw2Q8C48g","tlshash":"300413f0eda0d72cd9c7fc12f48db606aa9c579475f790901bb0fef869ca4a8965c420","first_seen":"2024-12-20T14:28:38.376296Z","last_seen":"2026-04-30T17:03:27.863836Z","times_seen":1716,"resource_available":false,"data":null}},"time_used":1049,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":532,"receive":517,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/trading-interface-YvFbDJGl.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/trading-interface-YvFbDJGl.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-6dddc\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FbY0b1KgYSntchB3y0ptU%2FvuDsHn6n%2FYxCZBBxfsqrzuUbrNrVi%2FC2RZ4J8zZW0ZmVYJvL26J2DB8RG43%2B4bQEgzyBSc072rJUdxGRmi1b%2Faq2c6gADD8m3iTuo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc88c540b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":450012,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1199 x 769, 8-bit/color RGBA, non-interlaced","md5":"8e164653c295a947f0f5f890ace31218","sha1":"ad2b0b6fea992e6c58813ef2bfb054c4bf219343","sha256":"5414a7098f38784b19949671f3764c769fc9ec1cfa53445f6a083c70d40ed42a","sha512":"64866ba82d827f979ab4a565b85993384d54208092322810905b79b8ff869154c051aa081c69a074e16caf93644220f4fdf93108c9ac94d0be84c5d64f1397ce","ssdeep":"12288:z5/ZEt409LPsiceDij3a44IuvoHZt0JAyKsvX4UCQFX6CKb:z0t39Uic4w3aVIuAHZtOKI4VWX6Rb","tlshash":"b5a423d46a8c52d4420fa54146bebca35e188bbeb733e140d4ce90968f89b71462d6ff","first_seen":"2025-11-30T14:17:39.784095Z","last_seen":"2026-04-28T19:33:27.077135Z","times_seen":32,"resource_available":false,"data":null}},"time_used":1603,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":808,"receive":795,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/Footer-CTl1tGDJ.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/Footer-CTl1tGDJ.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-2ca3\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2fmCJzmk8gfYRdI3cn%2F%2Bbu%2FjnwEbzRUIsDBLMW%2BYQeTbq15qa231N7mpXMbPWecRakUoMvXGhapQm8ZnAAvyokbQwCjJY1PpH%2FYO9LcO6Bsx%2BlkHQa7A6iNSUuo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cbd2bbc0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11427,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (11426)","md5":"4fb4c87756f120ce745c50cd64d5eaf4","sha1":"ff25d8601492479a8e77f67c5a81f98bfffdc913","sha256":"46c483c25223bce69041c9e05070aff41be924de406d298e84a00a79132382ca","sha512":"85a30fadec7a3dc12827d6e1bd36a241bbc6db7ef89a647e1e1254f82b65fa7bb271ff1aafc47993aa9827b3b53ae2add95fbb055cc485b144997f68eabf41dc","ssdeep":"192:vQvNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGTMa:YvvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"cd321a047973c9f9c6b784b4b8415510f238bfeee56bc85ab3fd890a17ced390a06260","first_seen":"2026-04-28T18:21:41.023646Z","last_seen":"2026-04-28T19:31:57.531402Z","times_seen":6,"resource_available":true,"data":null}},"time_used":602,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":602,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/PdfViewer-DIoWOB6J.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/PdfViewer-DIoWOB6J.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-219cba\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N%2BR7u1rh%2FsKbgdsTNLRQvN31gPJgMEwvWBBHCgFtNaxMYTU%2BO13IuKSAruMPTTbVyv0%2BYo83nPjQ2kLWdNoTbZC72BvGKJO8lePuwJrRDekdfFiCiVcrjnzcyLg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cbd2bbb0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2202810,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"b29528322b1f9b6428025ab929f0b54d","sha1":"be7dbb00389edc874538174c7ec3dd26f673b908","sha256":"1df5f3df76768f75e21a59268e90ddcb9fa2423ed591e287a0f8805c3b386f5d","sha512":"2cebdf5ceae727d73574fcc9a5f20b93f027684728850b41a6218d27da2b4c714d552f2f647938a04f850443e033ae505b9b34db1194b4956e59199e22e5bed8","ssdeep":"12288:fZapMfCJkxNP/XN8894qsbzAar4Y7hdKvWHbzYE/EqkMsxP706zL9bHIOdBEtHbV:fkpMfCJkPXXq8RqbOt7aFMz8","tlshash":"74258d24731a769d0aa900c370bd1589d3fe1609e062e1dcb78f7a9f6a6ec09673d734","first_seen":"2026-04-28T18:21:40.989927Z","last_seen":"2026-04-28T19:31:57.578925Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1636,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":818,"receive":818,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/Calculation.vue_vue_type_script_setup_true_lang-CfzrS5r4.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:55.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/Calculation.vue_vue_type_script_setup_true_lang-CfzrS5r4.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-4ff1\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uVEGRZN6dbgyt53eP29Ech1ePuMGeY4EOs%2FUzMqMv5yDNhPczGzF2YgV3sr2o3UgfFvuySXWvLq%2FpyPM6CDFxSbPExJLen89%2BBUBUwbcc1nJ9eQo1UThJHGz2i0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc2cc020b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20465,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (20458)","md5":"ca47e01ae4be9387a5edb3e92fb6c161","sha1":"bacfadcc264d280584b54993347163c9cf2d72e5","sha256":"af4c46508afc5d54399cecfa15f2af864374f02e72f0a3c719a7edb8b22821f3","sha512":"c782eb4ec85baa69d46c9b16c77b0e92366521af2ba7edd35d5953923cf5d02aab9e9dee0c5534cb70a510640cd97eedd232a83a69ea7b8c177088a63fa6b027","ssdeep":"384:dVSYvnyMTG1CmxcgJJcwV1n2cICjan1eTkLTpkDGaAoiB6cJWM5boWBuYD8daLH0:HScyYfQ2cfansToTpQGaAoE6cbboyuYw","tlshash":"bd92a749b152db3ddbb354f1605e1014f008bfcad426c497a1bf09933aeeeb11a6927c","first_seen":"2026-04-28T18:21:41.016996Z","last_seen":"2026-04-28T19:31:57.51919Z","times_seen":6,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/tech02-fCe8e4gN.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/tech02-fCe8e4gN.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-15fe\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0hT1MJeF3ifHEbFnZ2Wd%2BD7NP5FVmx9gaqKi6k0yk%2FWBTvzu5QXuS9wIuNvKuFMwTsN%2BMKPHunCdCtibLo7enPWY%2B005FMQfPWstxM7Jz4agnUMsXTmMvod1TGg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc87c4f0b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5630,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"9f0f4960f780ae1e5e85227bbe3383bb","sha1":"f8ee4ead676d1560556168f55b35d53fe32a6d41","sha256":"7cae8a74bc918d12efb430f71dd41d15d06ff373a260547749045449ef9f241d","sha512":"cb7b17a623bea5b449df7a2c0b27ce3e9f8040b3d51bf0be975a798349085e09ed86be8911600ed54a2aa48c11dcc64987c2d1e625560df781108a7afa4e8bc7","ssdeep":"96:A4+Vq+5u/C6+xiKXdoPS2bcPvnGSzKHRe4YebiR0u0tsroQiWcUU9+82gCUuSq48:A4+OKXcSfn7zKHR1YegwscQiUU9+vgCR","tlshash":"d6c18e4e24bdb9424820166045f90171d8aeef522a2f61189b61078ce9983fff5adbdc","first_seen":"2025-08-26T17:46:37.297934Z","last_seen":"2026-04-28T19:33:27.111176Z","times_seen":53,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":538,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/crypto4-C1r0vD33.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/crypto4-C1r0vD33.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-4bb5\"\r\nexpires: Thu, 28 May 2026 18:25:56 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iE5NQw5GDIgt%2B4SYIjdH9UJLp5ejsxvPzlxx989l4RyDj9iWsuWJ1ENKLUBjN%2FttA3GLY03LFruTzUydG%2F4BPI5I%2FEXdO8Es%2B1%2Foqkrhxkz10YkmahF8dmBcTgs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc87c530b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19381,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"d067618d9d6147cf94031dc7b0e54f34","sha1":"9eac76e72b792627e4262bb3c3349b9a95e76a14","sha256":"51e7de570156dd0d9f5be2aea42306c4e0d810e2f5031ccff71f7a2b7707bfeb","sha512":"1cfbdb4d59b63b7508ddfde9cf307fbbbcc21c9eebcb17d05b5a52c0689acf9a6c5cdf75138ab87ae4d2eac26f12834fc4c4e0e23e94bcdd489b53264a93ce43","ssdeep":"384:SYrMlXfj/ycORUUZpYLOsa70OEU1pKfX9jLKAd6NL3UvOfaDYMAG3eQKRD0:OvmuUZgjatEU7KFjLD6NLasbG3eQKRD0","tlshash":"7692d14cf04b18795a05a41f191ad42bbd1ede7ce81b0123dade0d7945cfbdd9a44348","first_seen":"2025-08-26T17:46:37.293947Z","last_seen":"2026-04-28T19:33:27.106539Z","times_seen":68,"resource_available":false,"data":null}},"time_used":715,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":715,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/js/ArticleViewer-5iIx2dnD.js","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:54.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /js/ArticleViewer-5iIx2dnD.js HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:55 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-963\"\r\nexpires: Wed, 29 Apr 2026 06:25:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RvkgP%2Fo2MDluPFKH8B6k9nddHKrlOV51LziTUJML2rU4i5LZDxnjy9K2GjC3m2BvuYzhwe%2BqMprele1eCo1YE3wa3gH3rCSJllAzrrMhdNQVZmENjM34WofSHfo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cbd2bb90b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2403,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2402)","md5":"54d711709816d38381c8abc9bf7a1072","sha1":"8ddc49ca54ab7a97d515f98881936d1ce6911874","sha256":"86d8ffa8ea8634c9c49ebf66c595897103250f1c50f8bbbf2e9c78b66914f90c","sha512":"91c263cfcdde1a9a9baf59ba6ee4b6ab42338840200a48b81fe753302881045d20b50e2a34b7f21850dc47598401990569ad3e6275e519221e45a5618439bb7d","ssdeep":"","tlshash":"bb41749c64b6cfb896f39335a58ed6545044bbced7118a89727e582a3fc0ef07a5c304","first_seen":"2026-04-28T18:21:41.008747Z","last_seen":"2026-04-28T19:31:57.52458Z","times_seen":6,"resource_available":true,"data":null}},"time_used":540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obais.vip/assets/crypto-CzKJroU0.png","fqdn":"obais.vip","domain":"obais.vip","tld":"vip"},"ip":{"addr":"104.21.37.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://obais.vip/","date":"2026-04-28T18:25:56.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"obais.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 15:59:39 GMT","end":"Sun, 31 May 2026 16:58:23 GMT"},"fingerprint":{"sha1":"03:A5:88:AE:D5:1C:6A:DF:60:8C:F1:53:CC:E4:DC:4F:D6:B0:0A:EF","sha256":"56:54:70:7F:64:03:9A:C9:42:4A:4A:CF:67:B0:25:AE:EE:EF:9E:FD:EF:B0:CF:03:3E:F5:0D:68:F5:EC:29:35"}}},"request":{"raw":"GET /assets/crypto-CzKJroU0.png HTTP/1.1\r\nHost: obais.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:25:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 26 Apr 2026 07:04:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb8e1-9b3a\"\r\nexpires: Thu, 28 May 2026 18:25:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SKckMOnfkNvwQz8S4vIqUuuP4csDCRCYpqPJ1%2FVzfDo8NcMWhWLfPhMubvI3ekReIbnXYKqQkzaMwBwecqu1EI%2F9agstJG4eBsamWURqLWIr%2FrUYvcYwJIlCCUs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381cc87c500b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39738,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"d96f714646b573194b60928d259b4aa2","sha1":"6094806144be7f313efb1d6ce0394e2e1c916e8c","sha256":"f9dad38264fde116c4af1ca31c4f4e5853c22ff612c5aa1356fa788030fd3e56","sha512":"5bc291929ae2da85c57678debf71e608ef311660ff9030eeba1f254470ee822bbcf6347054399e30a4dda40829222cd69314bd0b87236c34fce12b36325bf234","ssdeep":"768:/uuO/MIYxLYmYAaEJCQgwW6scjj+189Qlf3AqpNabUesRt+HPi0:/ZO/MIYxLYfZEFgwRZvY8K5hpM60","tlshash":"2403f273f51364e85cb0e3ddbc8a7299647e91361ba148508411788f563cdb43fb64b9","first_seen":"2025-08-26T17:46:37.250301Z","last_seen":"2026-04-28T19:33:27.107102Z","times_seen":68,"resource_available":false,"data":null}},"time_used":985,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":795,"receive":190,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"obais.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}