{"report_id":"6700c052-c40a-4a97-a5ea-da13534d6712","version":0,"status":"done","tags":[],"date":"2026-06-28T11:40:03Z","url":{"schema":"https","addr":"guaishoudb.xyz/","fqdn":"guaishoudb.xyz","domain":"guaishoudb.xyz","tld":"xyz"},"ip":{"addr":"104.21.21.71","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"guaishoudb.xyz/","fqdn":"guaishoudb.xyz","domain":"guaishoudb.xyz","tld":"xyz"},"title":"怪兽社工库查询","dom":{"size":137,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"fe38ee1344be348f76c39ac0164dfb5b","sha1":"cda83242152c44b51ebc54663c21de8ff7ab8d19","sha256":"8f7affdc28db71eb6020d4789977b7d4593b41047ee019b02d91d1cb0f44b69c","sha512":"f60e13fd6d22d45f0cdb52ba9c5580b55425b7ed18083a1debdacdac884a384b622fe2b09591fb19da6cdc47339fb1ee2957bd99ec2323847a58561f3706003b","ssdeep":"","tlshash":"fec02bbf1001050fb32035c1e9c22104a4c00109f0374c21bb400024c0cc25c80caec5","dom_hash":"domhashc1fec9cafeadbac0b33c1409ff211c3f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"guaishoudb.xyz/","fqdn":"guaishoudb.xyz","domain":"guaishoudb.xyz","tld":"xyz"},"ip":{"addr":"104.21.21.71","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T11:40:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"guaishoudb.xyz","ip":{"addr":"172.67.197.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-26","domain_rank":0,"first_seen":"2026-06-28T11:40:04.002251Z","last_seen":"2026-06-28T11:40:04.002252Z","alert_count":0,"request_count":2,"received_data":128107,"sent_data":987,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"odsj13.cc","ip":{"addr":"172.67.214.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-05","domain_rank":0,"first_seen":"2026-06-28T11:40:04.000724Z","last_seen":"2026-06-28T11:40:04.000724Z","alert_count":0,"request_count":1,"received_data":623,"sent_data":565,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"guaishoudb.xyz/","fqdn":"guaishoudb.xyz","domain":"guaishoudb.xyz","tld":"xyz"},"ip":{"addr":"172.67.197.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"62795336e0e02b0d2ec4cb518ae0e467","sha1":"bf3701028453ba02def5628ac138aebb8b869ab9","sha256":"fa017362330afca9b834c3bcc648a6427812c4e0aea5a324f422a4ed3a15fc76","sha512":"055e3ca17aa7078f361f3a5bf9217bea34666b3df0fc8d61c732c0e5f795d352ed570b9cfd1f1b5defe123a40b9b21d2eb591a5c43005c029cc99b59cd7e8265","ssdeep":"384:1YV8O7j6nRMuVcEbt3R445p11adzRiKD5ly7:q7wBLcP4","tlshash":"8fd2a6692cf7153185a7b4fbeb9ba080383120077409dd14bfaca6845f89e84d9bb7dd","size":29420,"data":"","first_seen":"2026-06-28T11:40:13.294749Z","last_seen":"2026-06-28T11:40:13.294749Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"odsj13.cc/assets/js/group.html","fqdn":"odsj13.cc","domain":"odsj13.cc","tld":"cc"},"ip":{"addr":"172.67.214.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://guaishoudb.xyz/","date":"2026-06-28T11:39:32.846Z","timestamp":1782646772846,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"odsj13.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Jun 2026 01:04:45 GMT","end":"Thu, 03 Sep 2026 02:02:24 GMT"},"fingerprint":{"sha1":"CE:52:D3:A2:26:5E:43:AE:9A:B2:43:17:43:5B:05:E9:08:8A:DB:43","sha256":"8A:98:6C:09:CB:2E:57:F1:CB:2A:CE:21:68:C8:C6:B2:57:0D:03:8A:1E:8F:17:42:5C:EE:14:4D:8B:1B:F8:13"}}},"request":{"raw":"GET /assets/js/group.html HTTP/1.1\r\nHost: odsj13.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://guaishoudb.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ndate: Sun, 28 Jun 2026 11:39:37 GMT\r\ncontent-type: text/plain\r\ncontent-length: 13\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e9TbRZ5irjMRlBITwxwqy%2BlEJ7Puk%2FuA%2B%2BXMAwV%2Fp7GAHeO9m9S7yGbKSvhIPksiLHpCO6kzLupl9r3HEKV5x2Jeb300rJls0vYytuUNKrj3hbg022cnZjS3CMI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a12c696e2cf00daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13,"size_decoded":623,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"1e6cd917ed71a1241e4bedc29264bd98","sha1":"5b65037351caeb0e5a48d963d7ffa88d0271d546","sha256":"7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402","sha512":"90e7e9f406dbb9a55b45643d6b4afce103cd565b33e40397b8422e3347ad3778220f8d1ae7befe66db61ce796d3e22d24cbef5fd3ecbbcb5f89a852d19f47e99","ssdeep":"","tlshash":"eb60000c0003c3cc0000003033c00003c000030c303300330000c000000c03c00c00cc","first_seen":"2023-03-08T15:13:39Z","last_seen":"2026-06-30T08:41:43.037482Z","times_seen":15589,"resource_available":true,"data":null}},"time_used":4306,"timings":{"blocked":-1,"dns":6,"connect":1,"send":0,"wait":1127,"receive":0,"ssl":3172},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guaishoudb.xyz/favicon.ico","fqdn":"guaishoudb.xyz","domain":"guaishoudb.xyz","tld":"xyz"},"ip":{"addr":"172.67.197.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://guaishoudb.xyz/","date":"2026-06-28T11:39:32.888Z","timestamp":1782646772888,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guaishoudb.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Jun 2026 14:14:18 GMT","end":"Thu, 24 Sep 2026 15:12:58 GMT"},"fingerprint":{"sha1":"AE:1A:D5:BB:77:8A:37:F1:7F:2A:2C:BC:1E:DE:CF:74:29:C6:6D:8A","sha256":"58:FF:08:CF:8C:45:42:90:2F:EF:BE:D7:82:08:40:F7:E4:30:79:C7:2D:40:BC:4C:5F:D0:93:F7:20:84:D9:FB"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: guaishoudb.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://guaishoudb.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 11:39:32 GMT\r\ncontent-type: text/html\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 26 Jun 2026 12:40:11 GMT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aE3nMpFFuvSDlq9klIl6xXUw4yR5VEcp09LmihRod1g3VFw%2F6poTNZY2ut2c5GwD89qL67t2v5PfDwO5nu0odi3dHIrDmLnnicy8IVd2109beFUI6dE0m6qDCm5MoFzlDA%3D%3D\"}]}\r\nage: 341\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c695a8854568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":63416,"size_decoded":15110,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (603)","md5":"ee7dab643247c6c0b3c97eab68d822f2","sha1":"c0fd53f2608656ecb29f5fd1cfb6fe6359fc28dc","sha256":"48a327e887b145478891a7542d463633715b991564496fefa94eda597c8ccbce","sha512":"353973b83ef215a11338ef6ca6d46f58d00b8798e296440b5b4bcd10772f780836a4e6b18ec7f9755e1efe233addb3f7fa0e3200ce8cf91f1a74f8491360f1b1","ssdeep":"384:eRQKQtwg4NLfhQIT0jygMxVppdQfYV8O7j6nRMuVcEbt3R445p11adzRiKD5lyy:1KQtD4ZfhQIT0jygMxVrp7wBLcPL","tlshash":"d553e91a15f70971a937a0eda7eb964237219003f80dde187f6c73848f8a988d97739d","first_seen":"2026-06-28T11:40:13.293552Z","last_seen":"2026-06-28T11:40:13.293552Z","times_seen":1,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guaishoudb.xyz/","fqdn":"guaishoudb.xyz","domain":"guaishoudb.xyz","tld":"xyz"},"ip":{"addr":"172.67.197.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T11:39:31.424Z","timestamp":1782646771424,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guaishoudb.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Jun 2026 14:14:18 GMT","end":"Thu, 24 Sep 2026 15:12:58 GMT"},"fingerprint":{"sha1":"AE:1A:D5:BB:77:8A:37:F1:7F:2A:2C:BC:1E:DE:CF:74:29:C6:6D:8A","sha256":"58:FF:08:CF:8C:45:42:90:2F:EF:BE:D7:82:08:40:F7:E4:30:79:C7:2D:40:BC:4C:5F:D0:93:F7:20:84:D9:FB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: guaishoudb.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 11:39:32 GMT\r\ncontent-type: text/html\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 26 Jun 2026 12:40:11 GMT\r\npriority: u=0,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hRdXq5J86sxqfIsPibpxJXIejHBDVPhHgwMGPDWV2SCuAGaGObSzAaPknIVcjufHaDuRn%2FbAl5Y9%2Bx8IZtDEKn1KVmC1zn90eWefJz46KR65VeYKU07%2B2yLZUOSxqtwf7g%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a12c69519fe3568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":63416,"size_decoded":15111,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (603)","md5":"ee7dab643247c6c0b3c97eab68d822f2","sha1":"c0fd53f2608656ecb29f5fd1cfb6fe6359fc28dc","sha256":"48a327e887b145478891a7542d463633715b991564496fefa94eda597c8ccbce","sha512":"353973b83ef215a11338ef6ca6d46f58d00b8798e296440b5b4bcd10772f780836a4e6b18ec7f9755e1efe233addb3f7fa0e3200ce8cf91f1a74f8491360f1b1","ssdeep":"384:eRQKQtwg4NLfhQIT0jygMxVppdQfYV8O7j6nRMuVcEbt3R445p11adzRiKD5lyy:1KQtD4ZfhQIT0jygMxVrp7wBLcPL","tlshash":"d553e91a15f70971a937a0eda7eb964237219003f80dde187f6c73848f8a988d97739d","first_seen":"2026-06-28T11:40:13.293552Z","last_seen":"2026-06-28T11:40:13.293552Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1098,"timings":{"blocked":-1,"dns":7,"connect":18,"send":0,"wait":863,"receive":209,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}