{"report_id":"6073b571-e478-49fd-bee5-e85ccd4633d9","version":6,"status":"done","tags":[],"date":"2026-03-09T06:47:13Z","url":{"schema":"http","addr":"3.cc0228.top/?invite=MD4201KV","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"3.cc0228.top/?invite=MD4201KV","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"title":"1.cc3318.top-😈 小女孩训练营","dom":{"size":101495,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"ced5d4fe15610b28de3c69582e92884e","sha1":"67cd56bc3b80cc9f599e8c0d2b75872ac48fc5ca","sha256":"3e49ad303125f3391bc29e49f3a62596c16a438a286516bcecc1a44ba7600bfb","sha512":"99af7d9fa13781d73f61dc03de9617ce5586323694cde1b2411dcaa06f338df7a5a7741920e89c7f71cb87fe69a9f896cda830982627052ee4e62d86747ebcbf","ssdeep":"768:dxPZda3kqx/T1BFoB03jHsRsZpat8w1jNm:dxPZ43TxL1BFoB03jHqt8uw","tlshash":"e6a3ce6151cc1fb701630ac3b01436dd306fef71e41b58a2faf39618c7e6d96698ac6a","dom_hash":"domhash7e870da02b5779e0d1414611edb2ae66","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"3.cc0228.top/?invite=MD4201KV","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-13T06:47:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"3.cc0228.top","ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2026-02-18","domain_rank":0,"first_seen":"2026-03-09T06:47:14.596938Z","last_seen":"2026-03-09T06:47:14.596938Z","alert_count":31,"request_count":31,"received_data":1379010,"sent_data":14884,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"3.cc0228.top/?invite=MD4201KV","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"4501124266190b6934364e9ea14bb6ea","sha1":"c5a5405c05caa60b43037ecb96ff2ea3925edc11","sha256":"65acb1254db8bf3a61f46d81ed53513df96bbc89bf0bf43e5a6f3ce2e669c338","sha512":"59085c472c6325bb2a087fc2b93953f20ed06a8b145d475ec6e90aa7bfd696e110484ac5ba1cab1676e6fcbb9aa8ff92e5878da88f0aad603841d170096043c9","ssdeep":"","tlshash":"6cb01258461f40024c4371c18609801282dd2660406f0544ca089c08c14e080030a0c5","size":91,"data":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.115347Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/?invite=MD4201KV","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"eval","is_inline":false,"md5":"152007192226c69c4a44f39e0a7b74db","sha1":"cd7823b59b4912d6548966e5eafaaa2203304cfa","sha256":"846eb98bb04859bbe614b010dbf82cd4bceb94c67846778dd0e8e4f3fd0668bc","sha512":"9e1780c667ece4a43d23b3a65b443a72868a7a666e654bf0e7f5521b1b259a3f4dc21efbd2968432ae98e61cfefec2316634d2ba2576c32b8c42edef3cdf2066","ssdeep":"3072:mtZ6NNJiRRBCEvyMwjn0SpADH79cVONlqqMbv:QZ6NNc3PyMwjn0SpADH79cVONlqqMT","tlshash":"88d3188db36472a191e72256539ed10263b65845b80ac4a470768cd7acbde8c03bfefd","size":139760,"data":"","first_seen":"2023-03-07T17:50:14Z","last_seen":"2026-04-07T22:15:38.10431Z","times_seen":176,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/jquery.js","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-20T12:48:39.923418Z","times_seen":62323,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/madouset.js","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f31b3fb5ce2b1257ebf21219a0009d2","sha1":"30afeaeeeb01de4458b5d2ff1447852417884d44","sha256":"70196287cea3b87c4bc3e482cc71f63726f57e8502050df0e45bac045bd94c9a","sha512":"5827cf3ace1bbd38cb420b692d23401825e80108c98b5b30e6b7a4ed1132f722807ae0c441eb6ed1c4f290afc8586f19af1d35fdd389c26b4bac98f7fdde0371","ssdeep":"1536:NmhJ3H2IIY50b1vVyRtXp/3+gvVIIa5WsIUS:NI33ofiRsW1","tlshash":"a7332c6c758034b353e3b0a9901f660bb2715a20954b4054f23ae4f96dbcd9ea1b7f2f","size":52173,"data":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.082459Z","times_seen":163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/madouym.js","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"8bf1f452e83e1f4918fa130a20a624c7","sha1":"3ac6c42fa52d23c918d9afc7bed65238d2aff707","sha256":"ea9554e3d370debb14795e7e6b5d11366b225eb38e95e3de6b935c5bb17a1422","sha512":"8f0dd9242e167f2f9b0e8f46b99606ca5d6949613b50d32e79a1d9301d99bdb19cd12f1a43f3a2d435ceda82b0d0821981856e1967f4283088630dc5af186fdc","ssdeep":"192:W3F5czysQpYcbibF0FF1L43eAI+0FF1L43eAYdntufGZdntwh4Wi5Cj7ss8iOaPx:W3FhiN3eAj3eAYdncfOdn715mOaPqM1X","tlshash":"85825395b35c652ec0f733a9853e0188ca3ee5378201c5bcf86f20a44fe19462356e6f","size":18044,"data":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.103581Z","times_seen":138,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/swiper-bundle.min.js","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"152007192226c69c4a44f39e0a7b74db","sha1":"cd7823b59b4912d6548966e5eafaaa2203304cfa","sha256":"846eb98bb04859bbe614b010dbf82cd4bceb94c67846778dd0e8e4f3fd0668bc","sha512":"9e1780c667ece4a43d23b3a65b443a72868a7a666e654bf0e7f5521b1b259a3f4dc21efbd2968432ae98e61cfefec2316634d2ba2576c32b8c42edef3cdf2066","ssdeep":"3072:mtZ6NNJiRRBCEvyMwjn0SpADH79cVONlqqMbv:QZ6NNc3PyMwjn0SpADH79cVONlqqMT","tlshash":"88d3188db36472a191e72256539ed10263b65845b80ac4a470768cd7acbde8c03bfefd","size":139760,"data":"","first_seen":"2023-03-07T17:50:14Z","last_seen":"2026-04-07T22:15:38.10431Z","times_seen":176,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/home.js","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad761aba5fe163a5894346b043059171","sha1":"533b41ea4088ec28bc7d976f5b2aaa6af757239d","sha256":"6a02b83cc1e0b375bbf5078f18c317e027060a210c5f3aa04e73af5928d331fb","sha512":"1d0089104fa602f289571fd9138c3ffcefd84f63d783037bb4ec76c7bbf5d2a558bfd8c0ff03e573505a7c6a7fb904a6e76d20e02f74c415864127232d80fbd0","ssdeep":"768:hRbcTTu8eMbaLbhpaDa/b7z9Ssbhe85gr9RiSo5EHIwHTQv7:hRQXdeGD/i/7","tlshash":"8403a45dbaf7146050b3317a4fbf5508327a815f1909cd48fe2e11a48fc4a4eba62bbd","size":37906,"data":"","first_seen":"2023-05-07T20:53:24Z","last_seen":"2026-04-07T22:15:38.109169Z","times_seen":168,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/?invite=MD4201KV","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"9e69225a88cd5a97e5a58a7f3fda7dda","sha1":"11c2882cc90e1992b9369e7e52543a4941d879f6","sha256":"4acc18f431010e9d397010d94cba37218f2ddf50d61a71f2f14f7a9f0677c5bd","sha512":"8a107376c3ff5bcebce93a4b9fbf621f2cc321a322a500c49e74dd43db01ed32fb758ee6db380484ea88ff5ed7b9fa58f0189fdb2a969bc103e3facc1f3d7b08","ssdeep":"","tlshash":"33213a91f348239311933a745cab15cc606d21d229129e7ebc5a71ec38fc0fb7278caa","size":1144,"data":"","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.115991Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/img/infobg.png","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/img/infobg.png HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-21ce\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8654,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 560 x 174, 8-bit colormap, non-interlaced","md5":"924543ee9462c199425ffbf0c1ed7e67","sha1":"4e03fd6e33ea47eb03b81fda56737c9bc78c9b6b","sha256":"e71566f528e854ce6a3cc02de409f7424051a88928ed66107e1c629e0f09ff7f","sha512":"a2b11ea71ebaf9127d3963fca5d9d91bf20662c393270d9cbfd8623ec477ff012752a8e8507f312515ce6a64e7f74761fb581e419b89c8da68b641d6450af81b","ssdeep":"96:Yad0WhhKfHVdGx9oBxR6CCXovYes8RWMX3CSUpK1NUq7FGpR8aW02EwF4Thurqw:Yad0W7KfHVdGx+s7XolxgDz84BwF2ur7","tlshash":"2302bf278b6e04b567637978ff80af7323256d0eef8458061825a252fc69f8492dd6d0","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.114682Z","times_seen":137,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/thumb/20260306/kaziohif/12125.jpg","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /thumb/20260306/kaziohif/12125.jpg HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 06 Mar 2026 06:51:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69aa7954-7fea\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32746,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 480x848, components 3","md5":"cf46b3127b5539a0ee241fed275c9493","sha1":"244771178e1f39622e667a7de879a8314f40117b","sha256":"d783504af8cb42b3be823df9d6d75f2ef271cf6dbc34ecbe936f373a6f7e36c6","sha512":"db442e31e8d63e85b9fd2294317e4425b8784e5ecf9142bf19d312d45f2894a8da59f09b790d395b380acc4fdd58d69dc750bcf3b48e8a2e65e32af6f4662ec4","ssdeep":"768:5/pGFgiGkrbqOJPSdzVdvHh+Vr8vwcweTooDTdXoBh:5Mx96dvB++vfooPhoT","tlshash":"76e2e1a895ec564e8cb2ff70399475eb4037522cbe6d82fea543e780b2253a408731f5","first_seen":"2026-03-07T01:16:25.038382Z","last_seen":"2026-04-20T04:20:27.207456Z","times_seen":12,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/theme/default/layer.css?v=3.1.1","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/js/theme/default/layer.css?v=3.1.1 HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:08 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-44c4\"\r\nexpires: Mon, 09 Mar 2026 18:47:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17604,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"fc7d431ac4ceb16de8a771bebac4432f","sha1":"7ab0140cef151fc35d465cce8da0e08a3c5cf14e","sha256":"2669a641d98e2fed992f80609e2fa3b4b592982450ac42e949404fc8c8fe5ccf","sha512":"721729ce5128fec0b320beec8d6de6b363d35d764f0c3d9f5108510f02ac42b52ac3af84bb423bcc5d718920f841afa2d2f85b2bd59fb3b1330cd79281bec104","ssdeep":"192:NHBa0BqWUiNTI21a5xBJS3MlRLMFFJ8r0uAYBRxXy6:Nha4qSTI35LJS3g6FJy0uZRFy6","tlshash":"7882faa5a54211cd73035a15e7fd2b72adf4ac22e92b48adf1d7380f4388669733219b","first_seen":"2024-04-27T03:11:02Z","last_seen":"2026-04-07T22:15:38.094698Z","times_seen":212,"resource_available":false,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/css/app.css?v=666","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:53.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/css/app.css?v=666 HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 26 Sep 2023 14:21:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6512e8f3-34f7b\"\r\nexpires: Mon, 09 Mar 2026 18:47:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":216955,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5b9d9e226c3697928c30b0afc4a1986a","sha1":"a271568455dee0f522f325a84f03c63e34879338","sha256":"d3af0ee066fb75e5ffde922a8d1ad940432b2a596ca19962cb66118ea88f10c1","sha512":"340ad83c6717c9babaa222c2d9abff144e9ae45c686f218816938833246ab50f7ad1efafdaf353c15f49ab8250fd7747284feb4dc8e2c42d18a377d14261ff3c","ssdeep":"6144:BxBNfUhBATuEJgyzKSUNukGxyCEWL1PTjo1zPL7/Itdr2540LlcUdgUF+PBHJSvX:BxBNfUhBATuEJgyz9UNukGxyCEWL1PTI","tlshash":"76243378a84d3dd713aee4887f887b106b29f5b5dd091d9ae143bc6cc3c52a80192bcd","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.102827Z","times_seen":121,"resource_available":false,"data":null}},"time_used":369,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":369,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/css/swiper.min.css","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:53.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/css/swiper.min.css HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-3d6a\"\r\nexpires: Mon, 09 Mar 2026 18:47:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15722,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2254), with CRLF line terminators","md5":"b391cb7a46bd7431b031b9a9b782f3b5","sha1":"fb4925183db37d4d503af50ed56db2f95984a9fa","sha256":"3444efd696844e7b8985870859a1799275ed6ffb25bbf1e352ecc3b0840ca48e","sha512":"62be2ac5e37263703a49a975070f095d767566a8f375b5fab852e3746153f423dd9587acfe5b7acd4f3c51b706d8e0ce304787f59dbee2ccc7cab913849b1d4f","ssdeep":"384:TtUbeQZ9nU8MjVFCmlNPdJM7BhFBvDl5X+FoBLMgx9P:Tybh9nUnjVFCmlNPdJM7BhFBvDl5X+F6","tlshash":"5d6221201721346ba3234f6d1bb1a7759fa488a35e43489db1c0ed48d7f94f8b32f5a9","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.090013Z","times_seen":126,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":550,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/jquery.js","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:53.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/js/jquery.js HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-169d5\"\r\nexpires: Mon, 09 Mar 2026 18:47:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-04-20T12:48:39.923418Z","times_seen":62323,"resource_available":true,"data":null}},"time_used":628,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":628,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/home.js","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:53.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/js/home.js HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-9412\"\r\nexpires: Mon, 09 Mar 2026 18:47:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37906,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2677)","md5":"ad761aba5fe163a5894346b043059171","sha1":"533b41ea4088ec28bc7d976f5b2aaa6af757239d","sha256":"6a02b83cc1e0b375bbf5078f18c317e027060a210c5f3aa04e73af5928d331fb","sha512":"1d0089104fa602f289571fd9138c3ffcefd84f63d783037bb4ec76c7bbf5d2a558bfd8c0ff03e573505a7c6a7fb904a6e76d20e02f74c415864127232d80fbd0","ssdeep":"768:hRbcTTu8eMbaLbhpaDa/b7z9Ssbhe85gr9RiSo5EHIwHTQv7:hRQXdeGD/i/7","tlshash":"8403a45dbaf7146050b3317a4fbf5508327a815f1909cd48fe2e11a48fc4a4eba62bbd","first_seen":"2023-05-07T20:53:24Z","last_seen":"2026-04-07T22:15:38.109169Z","times_seen":168,"resource_available":true,"data":null}},"time_used":1438,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1438,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/img/category.png","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/img/category.png HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3.cc0228.top/MDassets/css/app.css?v=666\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 391\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\netag: \"650f0ed4-187\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":391,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced","md5":"e3f6d56833c281176d850aa23206032d","sha1":"04ea23ebe5352d2f148c50f7ba3da6460b5ac092","sha256":"ee35b1223a8835d8b68f15db71b866144f5ace6fc56650a197eaefac94da47c8","sha512":"84f3a754139a74cc2cacc2cced04dbbbdc6022c7f638277812f7e0b3dd9cbc73e4c3a246ada685a71f50f5404efffeccf45decb7006ed60be1d125e547388a2e","ssdeep":"","tlshash":"b8e06168fa6255686b335353cbf98522dd27538d652ec30c19696136a5214c032914f5","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.113999Z","times_seen":137,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/img/member.png","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/img/member.png HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3.cc0228.top/MDassets/css/app.css?v=666\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-41f\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1055,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced","md5":"1902935df78ca5465e6f6b215bde677c","sha1":"e73a75134c93b342f5a0749514752292bba5dd95","sha256":"96df3fd7629b59de7e354fc0f3dbffcbb041e7bd39e1641dd9874475eb2ff9b4","sha512":"4fdc7470dd0ccb71fabe228f00179100e0886efa7412b6a91df33de4a8daaa76ba220136e4bce8b6a228991eca29f58de9438bae487f4907674d26c3b971599d","ssdeep":"","tlshash":"5b11b95fe4b71c05c3531f7be99e0065ce67083f41465a645f70e7a550d980187aaac9","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.095767Z","times_seen":132,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/fonts/fa-solid-900.b15db15.woff2","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/fonts/fa-solid-900.b15db15.woff2 HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3.cc0228.top/MDassets/css/app.css?v=666\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 79444\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\netag: \"650f0ed4-13654\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79444,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 79444, version 331.524","md5":"b15db15f746f29ffa02638cb455b8ec0","sha1":"75a88815c47a249eadb5f0edc1675957f860cca7","sha256":"7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7","sha512":"84e621ac534c416cf13880059d76ce842fa74bb433a274aa5d106adbda20354fa5ed751ed1d13d0c393d54ceb37fe8dbd2f653e4cb791e9f9d3d2a50a250b05f","ssdeep":"1536:ogXevisOzyu5r4HjEIe9vyJFdiTCHnegAZ64RPmF17k+GbpJ0VxZrtbz:oTvissyu5eb0ciORAZ64Qrk+0Mzbz","tlshash":"6b7302c68d4ae504c87e0daa36b5a96651be9fc5720e4df6e8700cbcf1f12dc0266d19","first_seen":"2023-04-05T14:18:50Z","last_seen":"2026-04-20T12:48:43.028509Z","times_seen":20799,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":284,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/madouym.js","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:53.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/js/madouym.js HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 05 Nov 2023 04:35:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65471b78-467c\"\r\nexpires: Mon, 09 Mar 2026 18:47:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18044,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"8bf1f452e83e1f4918fa130a20a624c7","sha1":"3ac6c42fa52d23c918d9afc7bed65238d2aff707","sha256":"ea9554e3d370debb14795e7e6b5d11366b225eb38e95e3de6b935c5bb17a1422","sha512":"8f0dd9242e167f2f9b0e8f46b99606ca5d6949613b50d32e79a1d9301d99bdb19cd12f1a43f3a2d435ceda82b0d0821981856e1967f4283088630dc5af186fdc","ssdeep":"192:W3F5czysQpYcbibF0FF1L43eAI+0FF1L43eAYdntufGZdntwh4Wi5Cj7ss8iOaPx:W3FhiN3eAj3eAYdncfOdn715mOaPqM1X","tlshash":"85825395b35c652ec0f733a9853e0188ca3ee5378201c5bcf86f20a44fe19462356e6f","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.103581Z","times_seen":138,"resource_available":true,"data":null}},"time_used":1099,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1099,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/img/loading_h.png","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/img/loading_h.png HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-13e9\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5097,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 340 x 227, 8-bit colormap, non-interlaced","md5":"3fb82d96c8fcd4b8ea5a8b6fe8135c02","sha1":"6fec7527d517e9842d26c88c00863953d9adc4c7","sha256":"f89fa2acd64a3da25c5314347ba88af44ef70749c42671c274b3f5461f6a0cd9","sha512":"bddb339dec4e280a15005ecb1c094fd28fdcd13565259e531c817b5f1cb1373485b5364711eaaa3ccac0fbe7198cf647d7c06558832f3bc9f2bffeabc457f373","ssdeep":"96:auh9Yo2OVZCQ7kgVKKW7BmAEs5wzvLtvYjzeazffLAQHdtpxUNKoUz7:aS9R244htp5wHBYjSabfLAoXqKoE","tlshash":"fcb18f8b647b49383ee7540174262563e9ac0ca747494fdb8a8aff41a77f45442d1d60","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.08593Z","times_seen":131,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/swiper-bundle.min.js?_=1773038813773","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/js/swiper-bundle.min.js?_=1773038813773 HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-221f0\"\r\nexpires: Mon, 09 Mar 2026 18:47:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":139760,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65280)","md5":"152007192226c69c4a44f39e0a7b74db","sha1":"cd7823b59b4912d6548966e5eafaaa2203304cfa","sha256":"846eb98bb04859bbe614b010dbf82cd4bceb94c67846778dd0e8e4f3fd0668bc","sha512":"9e1780c667ece4a43d23b3a65b443a72868a7a666e654bf0e7f5521b1b259a3f4dc21efbd2968432ae98e61cfefec2316634d2ba2576c32b8c42edef3cdf2066","ssdeep":"3072:mtZ6NNJiRRBCEvyMwjn0SpADH79cVONlqqMbv:QZ6NNc3PyMwjn0SpADH79cVONlqqMT","tlshash":"88d3188db36472a191e72256539ed10263b65845b80ac4a470768cd7acbde8c03bfefd","first_seen":"2023-03-07T17:50:14Z","last_seen":"2026-04-07T22:15:38.10431Z","times_seen":176,"resource_available":true,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/thumb/20260306/10cklsqy/59622.jpg","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /thumb/20260306/10cklsqy/59622.jpg HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 06 Mar 2026 06:51:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69aa7958-f915\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63765,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 720x1280, components 3","md5":"0935a54d1804440314e552d227df826d","sha1":"7f6c4ad058f06e8ab99fc1605e9418b550ff713f","sha256":"d03c0dae3ff36d716fa19247476956f6751c75bb8ff5c5482aac949016f95f21","sha512":"b3dcda1059dbf63eee8d8b6861097961666539a3faa5f14ccd7aa2fee3abdfee820ed7e1911b8cd5f8b32a29900a9b980cdd04a68c38afc3156a0959dbb1875f","ssdeep":"1536:7A7FwviCAcj0o8sSQPt5aAvsvjSFtjM/06csifBTBNQv:7UFrCAmHEA0/jczfBTI","tlshash":"ce53012bff82f751dae007357dc7a0a237000223f5a91e467f682968533e3957d2a94d","first_seen":"2026-03-07T01:16:25.008848Z","last_seen":"2026-04-20T04:20:27.155095Z","times_seen":12,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/thumb/20260306/2od0mw81/18657.jpg","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /thumb/20260306/2od0mw81/18657.jpg HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 06 Mar 2026 06:50:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69aa7950-992e\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39214,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 480x848, components 3","md5":"2cd1c4db29d120b1207f2b971d7a14d2","sha1":"0ab86ef71e4f1bce453b56ed98a2a4466666df58","sha256":"2a6b153dcdebac9859652a77d3d1ffa53d980c024e980c235c08fd1fce7b0778","sha512":"8cf16f2be6f1870d8ce26128d755f46aad242fd4103c9011a76555de3a8221b94f14e602e710c617d83e8d80174f89af39c66408f4399fa0f05a6ebc0da21b01","ssdeep":"768:DfxdM6Adnq97qMueVA+sW7rWL+oh+0Fj409IWwdLRnbv5HRzHPW2Qa0:jxdM68E7qYZsWI+oh3R9I3LRbv5HRLWF","tlshash":"1f03017fe564fe2ad2580e251ecc3859aee45fe906e088719e06cd90c4d37e534bd2c8","first_seen":"2026-03-07T01:16:25.027755Z","last_seen":"2026-04-20T04:20:27.129687Z","times_seen":12,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":549,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/madouset.js","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:53.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/js/madouset.js HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-cbcd\"\r\nexpires: Mon, 09 Mar 2026 18:47:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52173,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22031), with CRLF line terminators","md5":"5f31b3fb5ce2b1257ebf21219a0009d2","sha1":"30afeaeeeb01de4458b5d2ff1447852417884d44","sha256":"70196287cea3b87c4bc3e482cc71f63726f57e8502050df0e45bac045bd94c9a","sha512":"5827cf3ace1bbd38cb420b692d23401825e80108c98b5b30e6b7a4ed1132f722807ae0c441eb6ed1c4f290afc8586f19af1d35fdd389c26b4bac98f7fdde0371","ssdeep":"1536:NmhJ3H2IIY50b1vVyRtXp/3+gvVIIa5WsIUS:NI33ofiRsW1","tlshash":"a7332c6c758034b353e3b0a9901f660bb2715a20954b4054f23ae4f96dbcd9ea1b7f2f","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.082459Z","times_seen":163,"resource_available":true,"data":null}},"time_used":1080,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1080,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/img/gotop.png","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:53.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/img/gotop.png HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-ad6\"\r\nexpires: Wed, 08 Apr 2026 06:47:07 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2774,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 57 x 59, 8-bit/color RGBA, non-interlaced","md5":"1aeae4b293c9035e595ef7ac57ed8c6e","sha1":"20ea4c63148bcaf3a62f81abfb29d64439953d41","sha256":"66b5ee7b280446615a924d461e2750659816148e194f8c006e420123103d9f88","sha512":"7fc41c43d30bda0d5fb383b86da5cfe3c1fbcde1f71042a6cdaa8c24da070cc5138f2e8ba3c2ea3475bba290b843eb5b0a90ce8930884553628d639edab85d48","ssdeep":"","tlshash":"c0512bfdc05059401551ec840ce6122eab374cc0dac978b374dfc9a992355ae9d59ceb","first_seen":"2023-05-17T19:17:02Z","last_seen":"2026-04-07T22:15:38.093244Z","times_seen":165,"resource_available":false,"data":null}},"time_used":1437,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1437,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/img/long_active.png","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/img/long_active.png HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3.cc0228.top/MDassets/css/app.css?v=666\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 760\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\netag: \"650f0ed4-2f8\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":760,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"202b803a9d536a29e717e8bee2cbb8a6","sha1":"0bac9bd4cd18ce4a4abc63a823cc3df420a4f68b","sha256":"3ca8946a24c04ac910d8283fc6ef71801e214efae56d9aadb3089fd86f005368","sha512":"550774061326c8fae6d0661e702c49a94e2af5f0f524a6d523178b38a8616d53c754b785ad0345dcafb650b9e191c0c7462720cda6521653608aa248ad27f2d5","ssdeep":"","tlshash":"fa01bab576080921dd7e5f53d9d628124df514c06bfd40e159ee748056b835a09e30f7","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.106005Z","times_seen":122,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/js/swiper-bundle.min.js","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:53.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/js/swiper-bundle.min.js HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-221f0\"\r\nexpires: Mon, 09 Mar 2026 18:47:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":139760,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65280)","md5":"152007192226c69c4a44f39e0a7b74db","sha1":"cd7823b59b4912d6548966e5eafaaa2203304cfa","sha256":"846eb98bb04859bbe614b010dbf82cd4bceb94c67846778dd0e8e4f3fd0668bc","sha512":"9e1780c667ece4a43d23b3a65b443a72868a7a666e654bf0e7f5521b1b259a3f4dc21efbd2968432ae98e61cfefec2316634d2ba2576c32b8c42edef3cdf2066","ssdeep":"3072:mtZ6NNJiRRBCEvyMwjn0SpADH79cVONlqqMbv:QZ6NNc3PyMwjn0SpADH79cVONlqqMT","tlshash":"88d3188db36472a191e72256539ed10263b65845b80ac4a470768cd7acbde8c03bfefd","first_seen":"2023-03-07T17:50:14Z","last_seen":"2026-04-07T22:15:38.10431Z","times_seen":176,"resource_available":true,"data":null}},"time_used":1146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/img/triangle.png","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:53.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/img/triangle.png HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 371\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\netag: \"650f0ed4-173\"\r\nexpires: Wed, 08 Apr 2026 06:47:07 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":371,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 60, 8-bit/color RGBA, non-interlaced","md5":"5b25adfe7484ae3f5e9cbcf7cb1be19d","sha1":"11d4d45c14b95bfa12c511079a049bd46d87ef43","sha256":"84b8cb82085d34293d82bf23c044bc9e56d9530cd67b6056314ac60a5f76ecbb","sha512":"00ecd12aaccc57c398532565867b5cd81d9d7469de177dd27ab68d9a582bb4a665e0e42e2ef590ea83343d902910644195dee46154e058a98da1e89eb7eae622","ssdeep":"","tlshash":"53e0c057f918c819c6a217230740c840ee7cb1e71b51b2dc5dfc8c6f203e94584daf86","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.08354Z","times_seen":140,"resource_available":false,"data":null}},"time_used":1437,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1437,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/img/shopicon.gif","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:53.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/img/shopicon.gif HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: image/gif\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-1c579\"\r\nexpires: Wed, 08 Apr 2026 06:47:07 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":116089,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 137 x 157","md5":"919b9dee46db898c9ef5d8c195d58461","sha1":"232b5b5bb6a544f951896f30f11e0280d60b1ee2","sha256":"ef5d41e64f546e11f902e4e180cb309136d3c8518a7365c46100a88c05ca46d9","sha512":"ff3864a16c76d75a616ba6f01f3f86833615cf9c27e0dd2113abf8a71909c4f12143df3df14d69aa2769a738505609e3227e947fd7595a4b02feb46cc4158b22","ssdeep":"3072:6/soo1FSTgRg1yFi3eWd5AFIb7DCxftTAe/:Oo/STgRgWi3epFcKxftr","tlshash":"a1b30261b4750518e0d3ea3b9d134b22bf9c30e2b19b9c56a44a0ef122577eba1fd981","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.084565Z","times_seen":134,"resource_available":false,"data":null}},"time_used":1436,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1436,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/thumb/20260306/u06gel6r/59412.jpg","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /thumb/20260306/u06gel6r/59412.jpg HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 06 Mar 2026 06:51:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69aa7956-fc64\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":64612,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: \"Lavc61.3.100\", baseline, precision 8, 1080x1920, components 3","md5":"7e8a5738758a35805d97981089d29661","sha1":"cd7a7c658fe2505abe0e07c5fac54abdd21f87d3","sha256":"b51257aa3e01a8b6c0232df2c8ff9fa3591af446376799a7e2b9a3d15afc22c2","sha512":"676a97e2659c41477c88d49e65031a8d58683544da542852d9c642422532e06c66c4565be87eb2301d7f4e116c8cbc2a727e8a84d3fdc58697a8b7b48a0bbed0","ssdeep":"1536:BXeqxpOSoiMiDRrFry5iOywYTfir/kxLcGKEMUsZBmzkUt0iL:Q5SdrW56T08xKL7mzkUtb","tlshash":"a853023bb678f428aa50613577e2777c421c38b0685b924803936d7b6d6cfa1eb513cb","first_seen":"2026-03-07T01:16:25.020466Z","last_seen":"2026-04-20T04:20:27.128528Z","times_seen":12,"resource_available":false,"data":null}},"time_used":429,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":429,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/thumb/20260306/f9guxhy5/80215.jpg","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /thumb/20260306/f9guxhy5/80215.jpg HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 06 Mar 2026 06:50:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69aa7952-6186\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24966,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 360x640, components 3","md5":"f1f0ddfc61520b5118cb8f3d21a016b4","sha1":"885b6bb77aa4ff453b95d6d2a20cfedb87f7ce10","sha256":"991dc1b2fc0c797d2b782811dcd2dc0dfbeb4fc05bc61338d4cd32d397dc7a95","sha512":"4e09404c7241921dea88ded36833d97be047ee386f22d59c732149e495cfc5cd06cf8fb3773bd0f6124a166631ae4d4fa4b7eb3b7c4468b89c6d513a97ea7096","ssdeep":"384:wa4LLLFRdkoIzrzGKXYA5mS5SWvB/QFq4qtfEr7dx02RpKMUT9Y01pXuPwO:tWLdkrzdt5mESWvBIIfEndWsKMUPXX2f","tlshash":"21b2f13fb864814e9ff6d17471fe5ad98578b30431140bf699bc022f892b64c5f21ba0","first_seen":"2026-03-07T01:16:25.029756Z","last_seen":"2026-04-20T04:20:27.183817Z","times_seen":12,"resource_available":false,"data":null}},"time_used":524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":524,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/?invite=MD4201KV","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-09T06:46:51.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /?invite=MD4201KV HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: text/html; charset=utf-8\r\nset-cookie: user_ts=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/\ninvite=MD4201KV; path=/\nload_state=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\nload_autoe=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\nload_img=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\nload_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\nload_time=0\nnotice_state=1\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":92838,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"cbe9dcd37bcd9b5d3c22e51bebe32580","sha1":"96feecf30282f3dfa9d08ec63b6019af3844dd7d","sha256":"948f3769e554fbe6844e3407d764becf8581670a4a5026b5bc927b16813ed3d2","sha512":"31ecf6c184984fd57979b4523e70dbd1d8efb5016d3beecf03727301a951864f6e1c56dafc7c8c3e3083b99733c2253db54e9cf14be83ba57565df5f1aaef8c1","ssdeep":"384:1iKPZZhaM1DYov/JTxu7rJhV2bFg0wOR9mMmTmomkmBmqam+mymnmGDm6mum5mxS:1iKPZmaYov/JTxu7rJKpRh8w1N+","tlshash":"c5934860518c1f7b411316c3b11437de606fefb1e45b8892faf36224c7c6d86a99ac6b","first_seen":"2026-03-07T01:16:25.014802Z","last_seen":"2026-03-09T06:47:19.472841Z","times_seen":3,"resource_available":true,"data":null}},"time_used":2341,"timings":{"blocked":944,"dns":396,"connect":270,"send":0,"wait":453,"receive":0,"ssl":276},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/img/logo.png","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:53.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/img/logo.png HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:07 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-b61\"\r\nexpires: Wed, 08 Apr 2026 06:47:07 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2913,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 324 x 66, 8-bit colormap, non-interlaced","md5":"0152d2dfa9d7b60813134cd8e8dc577f","sha1":"329e4c831a258be284c52a870851eca5702f8281","sha256":"63697efaf8b5870ba5ae44e436b5d154988d9d73e50c79f35ba8a92eb038fb8c","sha512":"be09d5dc81e4dc668f2c9888ea3895bd0de59dd18a4ea75ce6d8db9c9db73695fdab65b365177b8e5a7a0c5639e2a460d48e413f23f51052ff809c57f8fadd77","ssdeep":"","tlshash":"49512bdbf4684c12e784a98ce7e5c54b4446aec1c4675a29b7a6f536077120d126243c","first_seen":"2023-11-18T03:45:47Z","last_seen":"2026-04-07T22:15:38.091908Z","times_seen":138,"resource_available":false,"data":null}},"time_used":1438,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1438,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/thumb/20260306/4xi51zfm/93999.jpg","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /thumb/20260306/4xi51zfm/93999.jpg HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 06 Mar 2026 06:51:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69aa795a-12456\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74838,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 720x1280, components 3","md5":"565514c3aeac39df0ec39ca15c35bd72","sha1":"5da924919be091afd81a028df6b97fe60fd0c641","sha256":"b082b93f304d5f564ea52cc85490e4a87e8e3ce67e4775e6ceb19155ca395800","sha512":"21eddc6f8b4e90250b85878fde9601ad691927eb7a5a55f074a39621dbbe917b62bf8ba5177af300eae9bc97223ec265f725f76bf786bbc58bacfba7aaad09ba","ssdeep":"1536:l6jOPlMDueKTRrc4qbJUVBBBGRBjwWCSBaJXBheriP0ElnmDwkU0:sONMlMRA4q1UAwZSB0RVmDwk5","tlshash":"1c7302502d4a03d7da05adf9a05b7b88019662982ff91303da35d271f806fff06d9eb6","first_seen":"2026-03-07T01:16:25.018868Z","last_seen":"2026-04-20T04:20:27.180239Z","times_seen":12,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/favicon.ico","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:55.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:10 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 1150\r\nlast-modified: Sun, 15 Oct 2023 05:07:27 GMT\r\netag: \"652b738f-47e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"e491a5cc2e92ecc7319ec1cf6992550e","sha1":"3afe14f34a96bc28e5ed0673e1dff0af53f1f850","sha256":"2aec32b9e2848c7215569d4269a567af10fb4a955925290042ca376488c176e8","sha512":"65eef11ffd2081656e43d1ae1170b9dfd6e66030e6fd9477b9ee0d5ca59110de1e703d20fc0750bfdaa6874d5349107aa4358d1460635afda14cfe363c99dd52","ssdeep":"","tlshash":"1621949ad1d5118ae8bb473c2c241ea001befd92fcb4b11e1cd3b154d7fb0c1a550ae1","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.107272Z","times_seen":169,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/css/alert.css","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/css/alert.css HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:08 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-1565\"\r\nexpires: Mon, 09 Mar 2026 18:47:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5477,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF, LF line terminators","md5":"cce2dda4fb5f3c01f993a181a60059b8","sha1":"3303bed32c0f41a95925f1343f2f724faeae1c73","sha256":"63a5c02720182972e71d033c66981f727ad9d26cd81f62fe41d9dc92f272f03c","sha512":"8bf412d8b8a4992b2d2d9616d1024aa487751b8fe708fe6a1845871a1b27941d3d1f05ba0b9e37d000c2330555c657fa3c0c6b5e957075fec091e3210a8d29be","ssdeep":"96:Aoe3ieJ2nHrlrrrcrZr7+0rYrW+0tiKtwmwt9Dft9+ytYrtGYt3txKtRcitUrn/1:AlyIEyODD+HrmqJRIBgSQ","tlshash":"85b1ef013fad3038d62f4273fe97ae44de29049256d36fdfb46958cd86cb48632ab590","first_seen":"2024-08-07T22:02:10Z","last_seen":"2026-04-07T22:15:38.113393Z","times_seen":74,"resource_available":false,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/download.png","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /download.png HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 27 Jul 2024 14:46:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66a5085d-14bb\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5307,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"3080d73b7cc7503aaf9d78a902186ceb","sha1":"a5fc473ad3a315d1a7c2d412c140ad033d4f0c41","sha256":"0dccf73afc055b51143298ab29a4ddf2e957575c8b34b0b20002131114884c5a","sha512":"734cef123a8bcd359b0eea8854a6ee9d080e5801a3742f8140fb5395f412de3f9df9e17e23c26af42c77b85f8973fd1deeb1bdbf88adb2728c9ecfd6bc7aaaed","ssdeep":"96:9Znw6SOHboOKAyYviM/5vekwZ5jh+BaDxwKm089GRuW5MICYE9o7nolCmNZp3nR:LbSOHboOKyHyh+BGxwKg9GZx7E9Tj","tlshash":"6fb19dccd429d0a45b7030248be30310cee1d687200b00496d39813f8a6bfbba2dcad6","first_seen":"2024-07-27T22:09:08Z","last_seen":"2026-04-07T22:15:38.111501Z","times_seen":80,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/img/icons/apple-touch-icon-152x152.png","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:55.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/img/icons/apple-touch-icon-152x152.png HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:10 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"650f0ed4-2335\"\r\nexpires: Wed, 08 Apr 2026 06:47:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9013,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced","md5":"80f4331a8e2711d076e3344a57b6ec6b","sha1":"21bdafc5799e1cfeb5a0b5145e856e79b4c67f6a","sha256":"d220d6670b94e024f553f1744a7159439bdd19abf8021a2bcd8c7f541a618b52","sha512":"a6cdfd80f9a6cc98e478e5dbf072e6701618a059932f44fef148647b75edfd2fd94866e1a97bea841c227a1453c4b6f4f81bebb93d62a82f7e3dbc0ee5acb8ff","ssdeep":"192:vSykknQHufxvro7tcL61o7tPAf7gKtbWGcfjp4eb0dqGQxS0AbLI/wIqzd4:aenQOJk5H1ktP4bDCjp4xdqGQU5b0/OO","tlshash":"6802aff03a1875c892c9f4d6bde1491b2a5783e0dae79443b4ea2fb375318f0144e6e1","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.088493Z","times_seen":139,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3.cc0228.top/MDassets/img/collect.png","fqdn":"3.cc0228.top","domain":"cc0228.top","tld":"top"},"ip":{"addr":"118.107.45.43","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3.cc0228.top/?invite=MD4201KV","date":"2026-03-09T06:46:54.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3.cc02011.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 22:46:28 GMT","end":"Sat, 23 May 2026 22:46:27 GMT"},"fingerprint":{"sha1":"52:52:1F:D8:06:BF:90:66:D3:52:98:16:D1:1F:65:5E:78:F4:B6:70","sha256":"24:F6:50:C6:F9:9D:DB:C2:74:4F:A5:B0:67:5B:31:43:68:70:7F:36:8A:96:48:12:15:E8:ED:E4:E1:C6:3A:12"}}},"request":{"raw":"GET /MDassets/img/collect.png HTTP/1.1\r\nHost: 3.cc0228.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3.cc0228.top/MDassets/css/app.css?v=666\r\nCookie: invite=MD4201KV; load_time=0; notice_state=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 09 Mar 2026 06:47:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 788\r\nlast-modified: Sat, 23 Sep 2023 16:14:12 GMT\r\netag: \"650f0ed4-314\"\r\nexpires: Wed, 08 Apr 2026 06:47:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":788,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced","md5":"46e501426ace4e9d006856effd51897c","sha1":"8baeebde03d2604c890204d22d3070181fc92404","sha256":"b6f62294654776a048d100fd19eca5bcc121110287052b6b7d40d69a7b01fd13","sha512":"03a224f1725c0a2da461bfd5cfed5091da7c3b567f065bc7117a2aefc125a5e8201cd959c676e678169bb5a44b211f567acb75aa9e7f2bf03b7be531ff645405","ssdeep":"","tlshash":"1a01c59616980fa8ccde0cf28684832ae834c55722ba56c48c02c1e76d009d119dd192","first_seen":"2023-07-16T08:52:57Z","last_seen":"2026-04-07T22:15:38.112279Z","times_seen":138,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"3.cc0228.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}