{"report_id":"6e3dfc8e-fb9f-4b18-9e6a-45e6571c83d7","version":6,"status":"done","tags":[],"date":"2026-01-05T00:32:43Z","url":{"schema":"https","addr":"sx92.com/#/","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"sx92.com/#/","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"title":"CBOE","dom":{"size":44287,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (44287), with no line terminators","md5":"b0c5c7e3ad79aedc6578292ec7260f6e","sha1":"190f7239786776e62f37d7421d7466d82d551fb3","sha256":"b803690117ccee12237310a5cb4516dab776c2451d7eddf6bd1a4accf23d8a5d","sha512":"5f030b0bd5297bbb5ea573435459812ad6c6d1070a506a81c014eb93f0d26c32a6c1dffd29f7b2d793720e43dc6352baa32c35720b5e40e01fbae25e38a99ad4","ssdeep":"768:mVAkWrBWarZDhL0Axd5QaK/I8KepOZ2mRgz7vYwmxQEJxgecewzDHPOBCM:BrkarpT5g/RG2Ugz7gwnEJxe4","tlshash":"56131830e440146f1673cdf7e6207f5a54cbd75e8138d8608bae5f2c9eeaee06726492","dom_hash":"domhash4636a6770dcf783d6004bd73a8009281","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"sx92.com/#/","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-09T00:32:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"sx92.com","ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2015-04-15","domain_rank":0,"first_seen":"2026-01-05T00:32:44.018121Z","last_seen":"2026-01-05T00:32:44.018121Z","alert_count":292,"request_count":146,"received_data":2720101,"sent_data":66569,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Chart.js","description":"Chart.js is an open-source JavaScript library that allows you to draw different types of charts by using the HTML5 canvas element.","website":"https://www.chartjs.org","common_platform_enumeration":"","icon":"Chart.js.svg","categories":["JavaScript graphics"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-04T22:14:09.841371Z","alert_count":0,"request_count":2,"received_data":146251,"sent_data":1084,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":3,"received_data":21333,"sent_data":1361,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/popper.min.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"56456db9d72a4b380ed3cb63095e6022","sha1":"6dbce88aee15b42f29083df7a07513cf3b486ba0","sha256":"66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2","sha512":"e56bd96b837b26add354d0a9e2b8dc04c95cea94f7959ee05718ed23a224296fae22d49afab160b45963bd99c2c501a3f12517e431eb68a13a327ff8b262b50a","ssdeep":"384:kmQkLrwVOyzirVyKnxRsIB9Db5HjiWn8xHOxvRVgD75zBY5vImg3FzGpL9ARdOgS:vLsgyziJp3Db5OxHOxvYD73Y5vQzyL9p","tlshash":"1992b4cc3294b06643a791a7a0af960fb2339875610e9410f19df2d97c30ef9a13bc79","size":21004,"data":"","first_seen":"2023-03-07T01:06:27Z","last_seen":"2026-06-07T20:21:26.697288Z","times_seen":18917,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/jquery-3.3.1.min.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-06-07T20:24:36.021577Z","times_seen":133811,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/color-scheme-demo.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"f67bf95da88501190b67f2f6da7a6a92","sha1":"4ab0e788712c26cb33ba0dec94178c5fdc4d2cf5","sha256":"e8105b2be806c1dec39bb1fab850b5da1aae01c73e8555de36ea973182b255c6","sha512":"63c020a2033005d40cee1c07d19aa19240ac4182c4bf380a089e9545986c2b5724b231fdbbb796b996330601609306ec201e5d72754be5ce2df26ee4c40e426d","ssdeep":"96:A/K9KXKZKWKjEGhzKRikNKcKyK+VhqE5au0MhEOi6:DCg9gOi6","tlshash":"67a1ae1db438597a90bb3632c6b5e588ef2c147b83065750bc6e58b41f78086b163f6f","size":4987,"data":"","first_seen":"2023-11-20T03:27:49Z","last_seen":"2026-01-05T00:32:52.924176Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/vendor/swiper/js/swiper.min.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c78e8d2443c29ea6501af4b1844e4c73","sha1":"7c477aee5043f22f4b8a0e6a574be43cd35dbed9","sha256":"6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370","sha512":"d590a0b5ed061ec2cdf7a31a768df63b266a98f9fc60b8ae6f428ab770b5852f88ca4fea2c3be05b5473361e7ee4e1214620e228a18efefbbeabadae251edd21","ssdeep":"1536:/ArVAiT53aBXr1nuNraK8h78lucfbyYDk5PJVzD5vp0XvH7WcWUwcPqojsE8EtOG:RBXr0rJ27UjmvD5ufH7WcWUwcPqmz1b","tlshash":"f0c31949b35071d551e72256539ed601a3b62805b90ac0a831b2dcdbadbde8c03bfefd","size":124672,"data":"","first_seen":"2023-03-07T01:10:44Z","last_seen":"2026-06-07T08:06:12.413749Z","times_seen":1481,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-29a6111e.97d1e99e.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc4bfd754010678f481a1e1ce963d3b2","sha1":"eabdf7fe68935d4a5c85059bf7122296f2ff2288","sha256":"a524c79cc99fa2d6ae158cd723443ef2a254e485a9fdd627e9b3e79a61d7eecf","sha512":"3e5c5d927867a5de597f8ee6a1a89826136a21e96dd325063b76ebd07d754560d0df26b7d3aee11f87d22be1c39da6fae10640e9f3fc4390218af5a4685b802b","ssdeep":"768:pI8KepOZbmRgz7vpL0Axd5QaKQ5BPruKzZ8iOdPwCgBWarZDY:pRGbUgz7D5gQ5BPruKzZ8iOdoCgkarpY","tlshash":"a2c28d45a8cbd9bcae6f9531620d1630e46a0fe9d338d480f3759da87ae0d740b1f92c","size":25834,"data":"","first_seen":"2026-01-05T00:32:52.921177Z","last_seen":"2026-01-05T00:32:52.921177Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/main.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed108653c4f86beb972803c21c3e09a6","sha1":"996a4f141976770ce83cc67a36e748282b1eff0d","sha256":"52b5d73107afbe8407a70f6b361ba46389511c9df73caeff422fe26ed499b5ce","sha512":"e9ce03ea254da5b4c6fd8713cca95f02a2f1f26052c7edb136c31082d74b05bb354436afb6758b43a96b9884330a36d1f4ebf7a90d9c788d03cf14d359c48cc3","ssdeep":"48:2kPsmDVGtu5kHBtwNCrZXZ3Y0BeRMuQnz0XQgKzaF4aVoiytiGkYvT+aD5Ilq6y+:rVN2UC/9BZl6441pGNbVdIlq9MrhgKF","tlshash":"e2911048b15075a691bb33364e7f9188eb3d4167c2418390fd6c26c46fb01d8a2b2fde","size":4483,"data":"","first_seen":"2026-01-05T00:32:53.088552Z","last_seen":"2026-01-05T00:32:53.088552Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/vendor/chartjs/utils.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"61c7a1f5471c4d9807f22deb62bbb414","sha1":"81f129bc8eda58a0e5dc242ce30073bb74e4f1cf","sha256":"63c4aac2748abf84217c2df8437a69d57e7a5b00e18c11cc84f0f3e2c4dd34db","sha512":"37db95199999859d0b34a25a688258f9eb93762bf6230a54e227cf4945ac66358c19271cb09ccbece91dc3a52b4bfc34be6a0cac50f0ff02b6a2d764823e8d1a","ssdeep":"","tlshash":"79e026edf4665cb072177360088f1d0ff22dfc228d3d0a51d4115120672a42e00e2848","size":313,"data":"","first_seen":"2023-11-20T03:27:49Z","last_seen":"2026-01-05T00:32:53.049683Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/app.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"976732ddf8755dc3acce7fef56dca8e8","sha1":"4b56143250fb70ec30778908c2c36aa317b43cf5","sha256":"80aff8468cda3f9a582624afb5575ce1b35c38aacea30297d00af2e1a6259c53","sha512":"11bafa2ad99fa31ee5890f2a94a4f2116dbac5a5cbf34a8b6753013fcc9954c89d3ff103afdbd3f93ca7ce80a7fb1ab505099f0e2e0338f7fc1d2f7536fe9225","ssdeep":"96:3qb2qdbkALgWKotepW1AKjd1KjU5QAgCNBKCx4B7XVd:3qCqdbkAL7XIpW1AKjd1KjU5QAVj4pFd","tlshash":"ff328c85e80514aa5833eb3f5e3ae304f6670357918a996b3cbd8d44cf720a8519def8","size":11618,"data":"","first_seen":"2026-01-05T00:32:53.03793Z","last_seen":"2026-01-05T00:32:53.03793Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/vendor/chartjs/Chart.bundle.min.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ea1f27eae85d0471fb4b639c9496907","sha1":"88671274cff7d908a79d66df527b8f03a99d3269","sha256":"faaf9d1824ab55b7a3777303bb32472ac936797778b05e5760431f3d9b0e9d81","sha512":"d2a3410d980e2a563c7d58b7f08313faf16415b45d8788c97a10d1df57e7ddaeb5569f03a02d57484442216fc0815b3ed318d122e6ab6c1066b7bf2fd5bb5bdc","ssdeep":"3072:A1cKqXHVDQHJ+Mc0HzBCKd6QFmmjHl9+3:AediHJ+Mc2BCK5FhHl9+3","tlshash":"ca14088d7282712653a712a4042f050fa23b7954284f8a58f676e8d67d7cc9f61bbf3c","size":201689,"data":"","first_seen":"2023-03-29T20:56:13Z","last_seen":"2026-06-05T23:22:27.660234Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/static/laydate/laydate.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e74dc1a1b5697ab070cb9c7adb5ac49","sha1":"1e6bbb396193994151bd348cdab730bedb04aa34","sha256":"5ab07e6bee1636349d1e0cc8e68bf88ddbd1c87e6781a80361a74d1462ca1e35","sha512":"20555e7a38010bbddc09f432b847d47f70005a21b4891eaa7cb55fd7423c11dcbea9d7725dfbbdef3cb2b5b15b26acd8967e2366571a718ce6a5db1ed1f2704e","ssdeep":"384:JmU32p5yipnSwmZhKnO36zlz+Hbk2enSel:N32pSVhKnOKzlzCknSel","tlshash":"94c2e94ab44a79e782732067114f010db67985bead068424f45be4f66cbcc5b123ffea","size":26733,"data":"","first_seen":"2023-07-06T08:21:15Z","last_seen":"2026-01-05T00:32:53.107385Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/jquery.cookie.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"ff516650b7cc361e06ab22516b6f10ace63cff721158449d881965f82cb0c7bdb6bd6a","size":3121,"data":"","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-06-07T18:22:52.696199Z","times_seen":17202,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/vendor/bootstrap/js/bootstrap.min.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"02d223393e00c273efdcb1ade8f4f8b1","sha1":"0cc93b8421d89c24a889642428b363cb831de78a","sha256":"79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582","sha512":"339296df3b6e2080a65488634aa5ded35a15d9ba5edb8f203b1aa695c62b13302fc2cecfc37cfa04ad2219baf0bddad4414862dde5e0b71a7923c3c3a3d61f8d","ssdeep":"768:wfAnnayQIk8HVheIE8Dg76TXQI4vPKMEK6viTlCDFm4n6xOp6Pxg3/wCVaAk2:wfUnTcWCw6xJxg7aAz","tlshash":"0343a54a7254787206df747a817b060bb3366c99a50a816cb8699ced2f7cd483277f3c","size":60044,"data":"","first_seen":"2023-03-07T01:06:50Z","last_seen":"2026-06-07T20:48:58.39682Z","times_seen":13954,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/app.267c915f.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ab9f8ca4be421d4cf474c8eacadca99","sha1":"90a1c851a9c599fe1d920862ab18b54b66de2c53","sha256":"45c0b142ea1f60ed9ec444a7c50fb6f1ede99cf62b27d7957236366a1c5a0f43","sha512":"462c190ea0fb7c70f34ff5558a4db0379a5f9138aa8632ce4cada31aa76054e1f7cccee2fb7b282baa6bbcf08a5c5b52db56cfe5ad690546a38fccb6b4377566","ssdeep":"12288:bSebiigQZb6givwdffcky6pSBMg5GLflkTN+9AkMLTx8fsmNEDZHMcNt3mG+LcI+:ZpDivj6puGSN+9AkMLTx8fsmNEDZHMcD","tlshash":"68a49e3901cd2cbb0ad20185f117be4d6e9d06aef019c165e1f8a9bf11deac5927f68c","size":454117,"data":"","first_seen":"2026-01-05T00:32:53.164896Z","last_seen":"2026-01-05T00:32:53.164896Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-vendors.ef372108.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"ddfdcb2ae93ee4a66ed59e73aeb68077","sha1":"f38f6388e37d143d6790b3b5eb857840abb79a36","sha256":"82a05dc06d8d0372fd546685738e991b596717b32671763435d2a1ee68e0d75e","sha512":"d1bf8f6393d3908691462ae107f14016b9e5bb35efd8d17cf871feb5d4a5d5d00a031423c45e91a691ebdee2d413366309957290dbbc8e02b8d89b4229e4a153","ssdeep":"6144:s5fbuVCK9moBzgX4RUL00zxJyilK8MbIC:gTu7moB+QU9lK1bn","tlshash":"fbb4e78ab2c2b02547a770b4402f110bf2376958b40a84d8fa79f4e56d7ca5da13bf7d","size":512072,"data":"","first_seen":"2025-12-13T04:12:16.535188Z","last_seen":"2026-01-05T00:32:53.15479Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"sx92.com/css/chunk-cb8d65d4.56b09b92.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-cb8d65d4.56b09b92.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-4ac\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1196,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1196), with no line terminators","md5":"4ecb8bf9aefd4cd6c4b8782017031572","sha1":"3eb47e35cdb3d7613e0934b34d668f72382f1a26","sha256":"7d46b68388b64e49311fd05e088a7884fbe8b53c8666beecac83acbe42f61055","sha512":"afd0d549d074c700054b16931255ef8a3b75c923e5bccc7321ae131ab2b1647a177f7f4376ae4039c8a8f170e477284fdf9e69357d070711ab8067322fc1b1ac","ssdeep":"","tlshash":"07212c1ab70c14c4b27fe1c6be42a1d165006b939b451f69adc13e3fadc31b13131ad9","first_seen":"2025-04-21T11:39:25.140499Z","last_seen":"2026-01-05T00:32:52.917925Z","times_seen":2,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-29a6111e.97d1e99e.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-29a6111e.97d1e99e.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-64ea\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25834,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (25686), with no line terminators","md5":"bc4bfd754010678f481a1e1ce963d3b2","sha1":"eabdf7fe68935d4a5c85059bf7122296f2ff2288","sha256":"a524c79cc99fa2d6ae158cd723443ef2a254e485a9fdd627e9b3e79a61d7eecf","sha512":"3e5c5d927867a5de597f8ee6a1a89826136a21e96dd325063b76ebd07d754560d0df26b7d3aee11f87d22be1c39da6fae10640e9f3fc4390218af5a4685b802b","ssdeep":"768:pI8KepOZbmRgz7vpL0Axd5QaKQ5BPruKzZ8iOdPwCgBWarZDY:pRGbUgz7D5gQ5BPruKzZ8iOdoCgkarpY","tlshash":"a2c28d45a8cbd9bcae6f9531620d1630e46a0fe9d338d480f3759da87ae0d740b1f92c","first_seen":"2026-01-05T00:32:52.921177Z","last_seen":"2026-01-05T00:32:52.921177Z","times_seen":1,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/color-scheme-demo.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/js/color-scheme-demo.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-137b\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4987,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"f67bf95da88501190b67f2f6da7a6a92","sha1":"4ab0e788712c26cb33ba0dec94178c5fdc4d2cf5","sha256":"e8105b2be806c1dec39bb1fab850b5da1aae01c73e8555de36ea973182b255c6","sha512":"63c020a2033005d40cee1c07d19aa19240ac4182c4bf380a089e9545986c2b5724b231fdbbb796b996330601609306ec201e5d72754be5ce2df26ee4c40e426d","ssdeep":"96:A/K9KXKZKWKjEGhzKRikNKcKyK+VhqE5au0MhEOi6:DCg9gOi6","tlshash":"67a1ae1db438597a90bb3632c6b5e588ef2c147b83065750bc6e58b41f78086b163f6f","first_seen":"2023-11-20T03:27:49Z","last_seen":"2026-01-05T00:32:52.924176Z","times_seen":9,"resource_available":true,"data":null}},"time_used":1023,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1023,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/materialicons/v145/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/materialicons/v145/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://sx92.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 128352\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 01 Jan 2026 12:45:13 GMT\r\nexpires: Fri, 01 Jan 2027 12:45:13 GMT\r\ncache-control: public, max-age=31536000\r\nage: 301630\r\nlast-modified: Wed, 17 Sep 2025 16:29:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":128352,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 128352, version 1.0","md5":"53436aca8627a49f4deaaa44dc9e3c05","sha1":"0bc0c675480d94ec7e8609dda6227f88c5d08d2c","sha256":"8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1","sha512":"6655e0426eb0c78a7cb4d4216a3af7a6edd50aba8c92316608b1f79b8fc15f895cba9314beb7a35400228786e2a78a33e8c03322da04e0da94c2f109241547e8","ssdeep":"3072:b4XkN5u3RbAR2r4lJ8FBnP7fNblbKBRvqy:fGdA8FBP7fNb5y","tlshash":"91c3231efc32af9a2e1724ec288521809c1e92fbe0b3512cf565f437e76517d999ca09","first_seen":"2023-04-05T13:19:11Z","last_seen":"2026-06-07T20:36:24.295379Z","times_seen":62699,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":83,"dns":3,"connect":8,"send":0,"wait":13,"receive":21,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-20ce56fd.15c294da.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-20ce56fd.15c294da.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-687\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1671,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1671), with no line terminators","md5":"b014ba9b6b1a8ce293cf3a9c87d0f4e1","sha1":"f9cf61e0d14f854f357dbb4aeed0b89df06c8448","sha256":"b3c02f48829a863ddad657de072a92d20100b03030fd56a5c48f64040a5e393f","sha512":"62fc7fede640288d928f25e53977dfa38720c6492e0c70c7b1423801e326fc98e0723184476843ec1fa4a651a40bf7de92a073decbf466463f1b071dc9bfcb9f","ssdeep":"","tlshash":"7531bc4db9dca970a0afd1c5b2428ce916b26b13ef2313e1ea137d390ec3de16200164","first_seen":"2026-01-05T00:32:52.928984Z","last_seen":"2026-01-05T00:32:52.928984Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-559b9ec5.81c77a4e.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-559b9ec5.81c77a4e.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-488\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1160,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1160), with no line terminators","md5":"bd3b5dee1f65d8482acfde6011cbfb87","sha1":"90aff00006e0e148ab4e8b268f23974bdf4037a3","sha256":"6d61e50240721620b333fe8960291329c919f78a1211805df60e7b84da4aaabc","sha512":"8930bfc7a5e560396e3eac955cd073a1f65c7e47270cc531462467ba1d6115e51ffb10da53552ff5fb32b76e8f26c5d597cd0e89dda8233fa561defaa7a46133","ssdeep":"","tlshash":"01216a3af1ece1bce57be0a1bf904dc92010b3476512124cd95027368dbbea1ba25995","first_seen":"2026-01-05T00:32:52.931654Z","last_seen":"2026-01-05T00:32:52.931654Z","times_seen":1,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-2d0b3a0f.0cdd4f74.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-2d0b3a0f.0cdd4f74.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1cac\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7340,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7320), with no line terminators","md5":"b38de372d4eb80879735fe4b1755be64","sha1":"920f00f70c6214641fec453c28dcf22e661a63c9","sha256":"a5500aa0dce091ba6d2519fcaa433c71efa06eacead9b697c4d2f1ffb5fbf6da","sha512":"9bcedffe6cacc4473da8968055718a8d59e1cbc4c1add56cfaf1cf31be19fdc2ab98ea89db548de9a97b0297c46fccfdc9f9f351607a3300a5d56fac8c6c29fa","ssdeep":"96:hmqgi1Qhc2ZMXKgzygWms6Fw3T9mblfBZc0d02dowh84lG2iN4XWb:hmU2ZMXKgzygWHT9CZ5dIkm4G","tlshash":"0ce131b2f54ad9bdec9b8016019f2270e2243be7c131f44abd74cda866d0ee0571da78","first_seen":"2026-01-05T00:32:52.933729Z","last_seen":"2026-01-05T00:32:52.933729Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-2d22d7d8.5a0ea38d.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-2d22d7d8.5a0ea38d.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-6e5\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1765,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1765), with no line terminators","md5":"6f35f626041d8847e96f2af35dd6842b","sha1":"aeddba2dcecc7a118fe792f22f5d15d163580d8c","sha256":"c634fe9d38da5c15481d42c85ce237299a17769e548e6f5fd65f40db84f987b8","sha512":"183a01015b361322112e65d0ff318af64b242f1f74f0047ec38c4f7b8599ae91fd42761315a69902e90a074239382fef4eeeced847e4cc671b5d5a00d2966f26","ssdeep":"","tlshash":"6d319b9e7197ac3e4ef94250360ee12672931f944f13c19477a14ed411f55b4172f2ec","first_seen":"2026-01-05T00:32:52.935817Z","last_seen":"2026-01-05T00:32:52.935817Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-376ffe94.d57a7c1c.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-376ffe94.d57a7c1c.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-3ef1\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16113,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16089), with no line terminators","md5":"37d13a7625ad1fa2465fa7edfa43d352","sha1":"a11f9be7770baf8f66b9577bf8d1331f7e74995a","sha256":"880de5a37ce629c3cc52f1a925f2922da2624529050af5f66b66b162286c7fc0","sha512":"da490dc6ade0ab49ef43600d6fe699b2b30418554b842d36cd0ba703d8ebc47e05bc34afb011932a08b957caa54af6d0593b7f95598328ace6dc77da0ebb2bb4","ssdeep":"192:0DPDAksnE3JqJK2ecA5snE3JqJew2B3O88SvsD88S6urx4SGs6J5kzMp5MMAZ5oD:0kFNpFAt8yX8hurx4SGNWz6MSk8NJ","tlshash":"cf72c617f493242fda689111601d597090a72fe85622d08efb78cbf5abd4c742b2f6f8","first_seen":"2026-01-05T00:32:52.937789Z","last_seen":"2026-01-05T00:32:52.937789Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-51207ce5.8f4ec170.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-51207ce5.8f4ec170.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-acb\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2763,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2763), with no line terminators","md5":"09f04dfd206097488feb423729aed7c5","sha1":"2e7f5ce646c58ffa6373ae2cbe3e52a7837db794","sha256":"dc0b6dc9d8e0d1038fd9cd31028a9d0c42faad281ddf61663d0c16a59d7dd741","sha512":"3a4b17464992a0bb98ccbf92c577855acc1ce00156cfa61313edde2b8392aedc99dbb87c1d2a27a48cba76fda1553e90963d7b8f6f233b618886ccfc9374b391","ssdeep":"","tlshash":"ae5163da74a604068e5a72d7b07b89c42132739f6c44c942b396a0de3285dfc8e0edb8","first_seen":"2026-01-05T00:32:52.948414Z","last_seen":"2026-01-05T00:32:52.948414Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-2d2252b5.0da7a899.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-2d2252b5.0da7a899.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 933\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-3a5\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":933,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (933), with no line terminators","md5":"5e64077bf78ee04166d53b072a5c5670","sha1":"360c4658dcfd5fc87b46e2ccd11fb81d966d7cb8","sha256":"8fd18f8d9580d835afc8609684b00ea18131a93254725246b95a8cda5f7179b3","sha512":"0fb0cb392aeb6dc94ff3ee5704df7f58e35a8471411c2b1907742137496e3062ba3bbd0e2a24bd5c1f980db80fb720c05d4bd7da3307b4a73e7206ca81f5304c","ssdeep":"","tlshash":"2411886fb1d3d87c449e528b382f7252b05e1dc49e1508d46bf581c130f1c1dc13d8aa","first_seen":"2026-01-05T00:32:52.950809Z","last_seen":"2026-01-05T00:32:52.950809Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-62b52f72.c0dbf0f4.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-62b52f72.c0dbf0f4.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-883\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2179,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2171), with no line terminators","md5":"d0924ca34f17c172c3fdd7cce1dd6e3c","sha1":"da933ddb0e7901f74bb71d9c8a19772fa858b89d","sha256":"6c4289537fe6c173f77a0f03bcdb77b6abe1fde667acfa93513b8776dc50c502","sha512":"5d06577475107e8b226bbd61d936bc7aff86ac930e12c8b74d6e7caa4cefa7f595459ef69031882d6186f6e64098dff82a34dd030845bd86301b7e34f6811169","ssdeep":"","tlshash":"06417647b197b41b867915e5701e818150316e883873d81bbff8c8d1a950dea632fbb2","first_seen":"2026-01-05T00:32:52.953177Z","last_seen":"2026-01-05T00:32:52.953177Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-694d2023.63aea7e9.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-694d2023.63aea7e9.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-c93\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3219,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3199), with no line terminators","md5":"35491059aa7c4b938edca12f41fa5e3e","sha1":"22e4248a4fd4afe41785001fbf2ec159abecd52b","sha256":"d20bc1805aa9a8f87888668486af3b53973f1ea61b9792ffba5021dc54e942c7","sha512":"50400ef2fd4246ca8827dd938821d69d957cdf58a1c61dba47d4ee03b9b035fc94536144e7da2adf62bdfc4aa68ed0aa3271f5859b81f7838e252b582fd5f735","ssdeep":"","tlshash":"ac61ea04d49799afe87e48d2521d8a70a0613faa8421e042fa6cc9b1b7c1d747f2dadd","first_seen":"2026-01-05T00:32:52.955995Z","last_seen":"2026-01-05T00:32:52.955995Z","times_seen":1,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-78f261c5.d99bea25.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-78f261c5.d99bea25.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-2472\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9330,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9312), with no line terminators","md5":"e1af11ff9cffcde0b68e4a45d631bca8","sha1":"f501d5c3946f36c92b5167f2a9f9de7df132e3f4","sha256":"a6b03db3dc5ab07a2ffbd4792841b5ccbffe174b7f5a4b53d5d8e8a2fc4b4c7a","sha512":"86b00340858f394016f9a416c0a15d9872323ae38f2f98b393e41139e247af321af226f505cee4f4e98cfa980c0c64340b52ba109981e9a10f12f8c0cedc59fe","ssdeep":"192:A+UYWwwL94mfm9mzyVeJ6lDjhZiCjxSCqLw1lXTa6H8vNoL7oxlqz3wceLn9+zAH:A+UrMDlZdjKLw1I6H8FsU4z3o08l","tlshash":"fe12a61ed0c2647b1e51a0a4288ee814713b2f14a883c59dfbb84fe15b94dbc652d3be","first_seen":"2026-01-05T00:32:52.958277Z","last_seen":"2026-01-05T00:32:52.958277Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-ff1860d8.b35d36c0.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:29.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-ff1860d8.b35d36c0.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-a68\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2664,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2664), with no line terminators","md5":"9d77160db5d2920cbf4c8455074278ae","sha1":"e0c43d658e6a40ce7e7ff026405ebbb88261ae91","sha256":"bbaa6e25d059851bd8782dd999a5d3285ccbe355415d7d4e886898ed381df72d","sha512":"a29c1e1721603e187cf07c903f12f358cc45769d0dc643f169253b290cadd489fdbe2d3bfd6d7b4c45ca1fd747450f0a843e65122d90201ee20498fb2eabcd0f","ssdeep":"","tlshash":"3151ec56a09fe67fde2a98115a0d2b30b0663ea750936445fab8cec94690da0770fb34","first_seen":"2026-01-05T00:32:52.961298Z","last_seen":"2026-01-05T00:32:52.961298Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/img/about.png","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/img/about.png HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-411e\"\r\nexpires: Wed, 04 Feb 2026 00:32:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16670,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 487 x 402, 8-bit/color RGBA, non-interlaced","md5":"c19720660a82bae701f85126a8f368d3","sha1":"8ba188a86444181ab22e8fb1ff2cdd5fc7f38baf","sha256":"b885f26e1ee3df5487ad87f4172a7b714126a41b2b646515a1ef3245e3e69c05","sha512":"386667fe6b32a2c3082c59cdff1c4418597647379d8794cec15504e0279b47ffff1c7708d9e359cdf4dda1a176f2ec320df8c9b160946cd0bb887cc85abaa7e7","ssdeep":"384:Y0U7eQJsnXO+KKfAjGEnjA4F3sRzhF04QIFKy3oRlvJyvh8Tuyd:YLe5XO+KKfAjGEjA4F32h5SiglRyu/","tlshash":"0e72d09d0c7a83fc901a22d85085abcf46866905fd7ed4afc244428f877c593bceae10","first_seen":"2026-01-05T00:32:52.963318Z","last_seen":"2026-01-05T00:32:52.963318Z","times_seen":1,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-60fcb664.a206b443.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-60fcb664.a206b443.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-65e\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1630,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1630), with no line terminators","md5":"8c6e79a46caeddc1cd46f9bcd453e273","sha1":"b9e36bf7651e0a6ea9cf50c818755a70b42dc7e8","sha256":"f0d7b2ab26f2ce0bfd4bef77e9ee530dd6c5159db29926efc6f73879aad0cf7e","sha512":"c0e3b505edd21cce676825cd17cecebb66e5551e3c9c5511cc0e51ce41c7b17cca6a6645c628caba46ec04612e5faa2bd8236fe83d3a33d83ed3d57d703aae7b","ssdeep":"","tlshash":"9731cd21e1edf609b2bbe061708176ab7405bf07e0678b28d776aaacdcc32572352344","first_seen":"2026-01-05T00:32:52.965169Z","last_seen":"2026-01-05T00:32:52.965169Z","times_seen":1,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-2d21a3da.f82e85d4.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-2d21a3da.f82e85d4.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-4eac\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20140,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20140), with no line terminators","md5":"8e60a164c2a20fd675706f865f5d5861","sha1":"f4b4614e24838b0f2b28b373cb750156196dc8ee","sha256":"def15399270bf06d8c0b32b2935d9cec3dec3749bcd31fc6c8265c5f254e454c","sha512":"27a7be629b3905898b2bcda72506c922ea3344bf19205b7551a1f56a367ed00e6c82ca662971e883ff66cf28e471d2ddbab4e21f15846da9f232665fd555dcb7","ssdeep":"384:W3v3YBYcL1rAAdTRA7v0zwrmSHHHsglQFx+m1OPNtOVSLMyoLyUhyytGojYPFKp:ZzwrmSPG8DOyZUoy2m","tlshash":"cb92e6e9f35542f6525d5cc5286f201ba4a0a4262c1a41acbfb5c0e7e8b8fd1787af70","first_seen":"2026-01-05T00:32:52.966915Z","last_seen":"2026-01-05T00:32:52.966915Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-3e5f50e7.3fa490e5.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-3e5f50e7.3fa490e5.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1214\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4628,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4628), with no line terminators","md5":"776979b50b8eca45bc458e5980adaa24","sha1":"e75487bed81929486ab8453437bd5007caf6b681","sha256":"2372476bd7fc2fd4ec5970accfa0c95f461a3a18fc2daa818fb90745b052edc7","sha512":"200d54fd3f69691516ec8d12cb67ac330ec4924db997f6ad252d4775d939f44bc1cdd6518799c888c26b1ea8b5c8c8802c56465ac69803aa76d6395893efe465","ssdeep":"96:q48I4C5jC1q/iG0JB7ijtL0szAOVwtCRb2aiLgj4F:q4iC5jIdLszlVwtK2aPG","tlshash":"eba1961600c368185a9591e624c9d920f0f43d65bb2ec998f3b1cb9a6ed4ddd0b1d3ef","first_seen":"2026-01-05T00:32:52.968542Z","last_seen":"2026-01-05T00:32:52.968542Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-60fcb664.dbc188ac.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-60fcb664.dbc188ac.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-9c3\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2499,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2493), with no line terminators","md5":"40a57ed801c8a59028b0413c43ffb67f","sha1":"884609e2a23d1a1d8e020aa9df4dbbfbff7e73a0","sha256":"b84bdd9f5cd00cd43780490fb95c095feb36b7ea2a6f53aac22c4f1859b405be","sha512":"2a737fd28473afe0fb20a7f75a262502f4de2a599b12d31e41a1cf21e15db8c29d2eefc6bea638666ec49eead3ea1ef599bf6362be6a5f2054c45d57e0dfdf61","ssdeep":"","tlshash":"4151711e61c2a574a96240e5665a2234a0243bc4b62c94d4ffb044d176e0daf532efbf","first_seen":"2026-01-05T00:32:52.970098Z","last_seen":"2026-01-05T00:32:52.970098Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-60058516.34e4d7db.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-60058516.34e4d7db.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-c82\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3202,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2982), with no line terminators","md5":"87775556fb8d367592eae7a87da301ff","sha1":"f3ca1a6918d4abcfceda95b49e185cdf721618f2","sha256":"573c376e8ae7b60a7e282b11b4a2961cdd8f19dd83c6cb348e591ef34ad9e577","sha512":"a654d8661bf80754fcb98adfffcc8e61ee804f4e2df14ed38a2112039b1ba637e617200a6779bc47b2d4db5d4c622ecc2787c87b18c942da14dd5e26b3f11571","ssdeep":"","tlshash":"3261418390e3986c893a9194704e6e781077f6087e4190e5f3b849f92ad4d68a70ebfd","first_seen":"2026-01-05T00:32:52.971296Z","last_seen":"2026-01-05T00:32:52.971296Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-cb8d65d4.152d4d16.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:29.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-cb8d65d4.152d4d16.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-64f\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1615,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1615), with no line terminators","md5":"c92269983b15b9366f6a279919f4d88e","sha1":"882af12688ae6e2f325857b5efe6a30be1ee06af","sha256":"de893d68f02efdaa10c2d15202ca39d4023c8f070b9453bf3cfd74b9833f2b35","sha512":"3e2b6389f0095394d6b1f5fd5c365baeee07948cceba4538f4b9b62c49cf668a7f187b4f23e739bcc545374371958cc638f28aa2f967a1abe016e6ddeff70fb4","ssdeep":"","tlshash":"f631b40d30cbec2d18afd0612a1b9516a0222e946f7285e9a3b581e52270cfc671ea8c","first_seen":"2026-01-05T00:32:52.973261Z","last_seen":"2026-01-05T00:32:52.973261Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-edd04454.4ed416f1.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:29.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-edd04454.4ed416f1.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-d78\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3448,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3446), with no line terminators","md5":"ca2244783ef9b519db84cfb50e58c8bd","sha1":"57d87d5d142caf6d4bcfa82d35bba5eeb6453ed6","sha256":"54a0abd488e8a3363f8a091399b2d5aa40d6e38e39f497f3d815b774b95e7c42","sha512":"befdc4b40b1168bde147f973f68a22748156208ea9cec049c45335101c5b401757ae3aa3510f963792c64b57a363ca8ea7bdb3483b32c70ba09873288397db1c","ssdeep":"","tlshash":"a76186396093ac5e95294250259d7530609a3aa46723c0eebbf2cdedc2dae78130f6f5","first_seen":"2026-01-05T00:32:52.976555Z","last_seen":"2026-01-05T00:32:52.976555Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-17d96eca.06032639.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-17d96eca.06032639.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-5ae\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1454,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1454), with no line terminators","md5":"4d5d38f4645caccb5cf7e5783af003be","sha1":"437747167062311fc606491f936fef77882ac678","sha256":"c9616761513e837cfa9f1a3368af15e535c1875f49a974dadfeb169bb0216c9c","sha512":"9dbc136f3379160005210a8c9193febcd3ec1bf14f500b596a3e56ebbc423cee79f4d23c02d546f99c3f52961dd051d00a9794fef5dd57d8b52a520fd7d98e6d","ssdeep":"","tlshash":"12317a26305d1a37a47bca2414b0458ea176c247960b8f6e1c36df7dbea75d37623384","first_seen":"2026-01-05T00:32:52.977753Z","last_seen":"2026-01-05T00:32:52.977753Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-112e4b95.94abbf1b.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-112e4b95.94abbf1b.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-16d8\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5848,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5836), with no line terminators","md5":"e2ac3b54017c47c2839df9900aa69eec","sha1":"4ede9f575d311465e57661829be7a4d957d6c398","sha256":"b0f289c1e097b04750af1cdce8b668106270cebbccdc503bddf91e0e972a3722","sha512":"70e3c37bcf511fe885be7b6cfc576ff4e0cb848e1a6f762bddaa00d85192a26e016b0d2ee1ad0d0fcdf53671a810662fc56021f7c977a760f29e33080eec5dbd","ssdeep":"96:MyJPxVzAFa1ZVIcMn/SOclRYnVYN/VdH4pePN+84E:MyzVUFabKIOGVdJ","tlshash":"aac18412e453b84bdd2d9091601da72160e13b8f2293c08db2f4dbd99ad4bf81a1eef5","first_seen":"2026-01-05T00:32:52.98046Z","last_seen":"2026-01-05T00:32:52.98046Z","times_seen":1,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-6b5faf12.63e16846.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-6b5faf12.63e16846.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-13a1\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5025,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4902), with no line terminators","md5":"92ed577472be9e13cd866a672e2ee5cb","sha1":"73d4ab45ba0925b796aa611aa0c0dc75e2af963f","sha256":"df5abd51a78bf8209050317b3cd61802f39141b45d5de4f1f263caa1cbbeb638","sha512":"0b4e91090a7d920adb941480bf322759c29acad735609825678a23d3a7feda9f91b8b6dffce19e3ed31bdb3d63892ae0bd759007031633cd6d4238a8015e2ecf","ssdeep":"96:jJCBCFy6mHQxNP6Zwssd6m+/vFFeUMroi0LFA8Op6MWr61v6MrUe7Mx+SWANNf/R:jJCQFecpUvFbN","tlshash":"c9a19b0b79e6b36eac5b92c5223d4435557b2f782024ead69b14cf806335ab01f5eb1c","first_seen":"2026-01-05T00:32:52.983019Z","last_seen":"2026-01-05T00:32:52.983019Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-7f0c267a.807c0a8e.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-7f0c267a.807c0a8e.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1132\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4402,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4378), with no line terminators","md5":"2d24b3012b09340db0ece9bd4248b592","sha1":"f661adb8513707190759afc2955750d0c509177c","sha256":"6d8a80ec1ef462cbd12effc6f544741e778aade693833184f8ff3663eac855b7","sha512":"970c6a56716c27e37ba8195f1a5f2273c47c2c55fbead20b4b3c4cef9f4e0dc1ae1de4c89c75076abab5a8b841dd9b9c1e5aea815eab41b0b218a64a6020cfd4","ssdeep":"96:h5n7/b3qVXS8yvVzJhT6pZThrYqHjbE7W4lRH:vnDlVxIZT9BHjQRH","tlshash":"cb911aa098c2d89e4d3ed1ea211fb271bc563fed689014c2bea8c75259e057e2d1e50d","first_seen":"2026-01-05T00:32:52.984968Z","last_seen":"2026-01-05T00:32:52.984968Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-13aaa7c3.9f60d97c.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-13aaa7c3.9f60d97c.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-c85\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3205,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3205), with no line terminators","md5":"bc0617251e06968076d3e8e2fdcdba4b","sha1":"1601eb03ffda089b50a1f30a5e3203981e2d89be","sha256":"975fb76851a2201294d74ac5a96fb6bd740ef6dcdc175423dff52cf418db2f0b","sha512":"195fff4667713702e5b0b8f72a1240875d192927da65baa6c4b13b227360eedc9984153794afd691f7993652f642792b69c61b0f1c3353cabe95e455fd2a34bc","ssdeep":"","tlshash":"e7610d35a1db666ff43ec1d0105d552270712b910993c04acea8db55e3e9d342f2fed8","first_seen":"2026-01-05T00:32:52.990333Z","last_seen":"2026-01-05T00:32:52.990333Z","times_seen":1,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":374,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-43dabeb8.4a0bc502.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-43dabeb8.4a0bc502.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-2606\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9734,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9711), with no line terminators","md5":"e26d8f431441865531c4f3a6ed3eec31","sha1":"68f7498e881de6ea8c620a9cf81ca5b9b6e9f2d2","sha256":"53db85babfa4b88cb53e24414d17a3f9cb412731044e7e0211bc0e42cb028d3f","sha512":"7934a6ce10b4e59168903bf34e5f6912df84d88f06b500309efc64eb64aa2258b3dc1accad336d598125897441477b83f26f80adef153f03e27ebf00fd345813","ssdeep":"192:HOfIThnCs1e/eAWNgEEePpWGKrpFXDbh+sxtEc2RQTV36+wpt:HOfIThCsE/08osDEDXpt","tlshash":"2612740a10c3692eae50d1f020ab5da0a0655fe4e529ce58b3758ed05fc5c7d0bbdbee","first_seen":"2026-01-05T00:32:52.993517Z","last_seen":"2026-01-05T00:32:52.993517Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-ea5080a2.2503699b.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:29.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-ea5080a2.2503699b.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-5af\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1455,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1447), with no line terminators","md5":"c08e8232340765a25afaf8f7090ad561","sha1":"b68cc3b9d6d9a47d03aa3a8427bd8a7b78cfa650","sha256":"550294511fa0fc5dcddcac302e8c8e8ab63fb98b610a15d14b47d92487ad89bf","sha512":"68c921f1ef556f331df98fc8f90506b62d642acf133b019406a161e65448ed155468580a339b0660edf548ece4e4730ff82d82a746eff1251bb2be068198490b","ssdeep":"","tlshash":"1f31a72810d7f0ac66ad5485b06f37b0d21636ec19144292ff75c886a6d0e89023f7b8","first_seen":"2026-01-05T00:32:52.99513Z","last_seen":"2026-01-05T00:32:52.99513Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/icon?family=Material+Icons","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /icon?family=Material+Icons HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\ncontent-security-policy-report-only: script-src 'unsafe-inline';report-uri https://csp.withgoogle.com/csp/script-inclusions/bcfae741e379a885f2ab2cf83ebe6d32\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 05 Jan 2026 00:32:21 GMT\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":565,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2b7a8d84952a9183b106df19f711324e","sha1":"a92c5e12b422bba9ebb447e1852d9681487361bc","sha256":"282801a0d182035440d5ef6d429d227126d2e6720a52b91d31a7d746c758154e","sha512":"d7ef3f86fe9fa5730a118c688b8f779e82ec3695df5ec48953905ed078ef4d78a3c8005021574d936f69ff0467968b6e68fbcb0680894470abf8f26200af2e0c","ssdeep":"","tlshash":"c0f0c064be0a988566110c42370f3f164d1d401fa80ac8fe8b911d4c8cff1bb134670f","first_seen":"2025-09-17T21:11:07.996842Z","last_seen":"2026-06-07T20:36:24.193723Z","times_seen":46770,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":100,"dns":1,"connect":20,"send":0,"wait":25,"receive":0,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-3a584dff.78b0d94c.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-3a584dff.78b0d94c.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-67f\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1663,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1663), with no line terminators","md5":"65ee7bf6267528261abbb3b30763faa8","sha1":"feca3ead50e53a26c16ab047c1226d5c2bbf490d","sha256":"077cbfa579a1c375a250cb87a704180d9bae0369429e3691ea847370bc632bb7","sha512":"28340516ceb7b9661a4518c8a80fa141d0edaa44b91cab20c0028e7add34dbc6b60dfc709ce362c476b22702b039b3cffe6f781015e99772768f9c3233248c20","ssdeep":"","tlshash":"0b31de2a695c2120e61fd1c1fac2c5d62d74771339631362e5057a38ae8f9f36621ad4","first_seen":"2025-04-21T11:39:25.188787Z","last_seen":"2026-01-05T00:32:52.997404Z","times_seen":2,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-0b9cf106.fda2f294.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-0b9cf106.fda2f294.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-a6f\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2671,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2671), with no line terminators","md5":"32531949154495ddef1bcb29b5c47559","sha1":"1334edb7c306e38c1205a9ccee1edd48743cc61f","sha256":"d2082e1efc829c716ee0679ce693b77334a54b1af9f5709c7a0f1b282db80509","sha512":"dc93a0927619675a3c32c279351cc093130a0be9bd54701bd8e41e9347a213f2f95af041de9016bc91d2fd77ca67ea52761de7ea819fa99d59a27ff8910b251b","ssdeep":"","tlshash":"1e51854a60f2550bad258291710b00f7a19331afa481984cf7f8f8c761598f8367abf8","first_seen":"2026-01-05T00:32:52.998745Z","last_seen":"2026-01-05T00:32:52.998745Z","times_seen":1,"resource_available":false,"data":null}},"time_used":532,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":532,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-1562511b.7ccb570d.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-1562511b.7ccb570d.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-8de\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2270,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2270), with no line terminators","md5":"a7a2faef94b61ccba88a520925f08ea9","sha1":"8e3ecf6a9693dc12b78ce3be530e0414ed3c325a","sha256":"8231873f3e627eaf3f4ccfaf0dafd9e04f0cf0a1139b14fc284dacd0b3bbadb3","sha512":"738cf0fbbf7f3e006caf59ccc7763c59544a0cc0c214ddc0cdc8936c7c50d2a8bbe422db653ca9eaa07ef71de8d3786d29895a123294ac3dcf7faece4cf5f70d","ssdeep":"","tlshash":"ee4152086093640e75bc5181702d9b2260377ec81551d19effb98bd4d691c253b2ebfd","first_seen":"2026-01-05T00:32:53.000343Z","last_seen":"2026-01-05T00:32:53.000343Z","times_seen":1,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-ffcc214e.4cf847ef.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:29.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-ffcc214e.4cf847ef.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-8a59\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35417,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35359), with no line terminators","md5":"6da4689041f69cc91c605725d5d30d4b","sha1":"de6491d43bb8fe10f35716a65166c7eb5bfe77cb","sha256":"68ec988c922e74134a3fa337ce2cd9f67862b50f5c49fb7e128def6cf1b1b78b","sha512":"eef4f9595ef27a3737976eef45ae148f429a506d1215d09b3e1d05d34238dcb23c9239cc257226b972bd9d01a4c6c10d6a8cc274c74b767ec1d23acfa0e2a324","ssdeep":"768:94W4H+GKe1SH/yToKRMeiRdQOXQOFQOgQOpQO5QOuQO7QOoSQurEVsLdLt83:9WJseiRdQOXQOFQOgQOpQO5QOuQO7QOW","tlshash":"92f26c2ab847d86dcd9f8960512e1d31e0750fac9635e189f33dcee567c0aa05b2e36c","first_seen":"2026-01-05T00:32:53.001853Z","last_seen":"2026-01-05T00:32:53.001853Z","times_seen":1,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-2d0c4856.5c8e2e76.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-2d0c4856.5c8e2e76.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-82e\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2094,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2094), with no line terminators","md5":"5a0063728b3d4ea71e4ac80ef72c21fe","sha1":"d428936e7eceb0f57c47f9d230fba104814f85d8","sha256":"d64c23ad5d2ace60f6df12518598b4217a82b87e412807fdfeee18d984c92077","sha512":"87d1d20957df7e431456e2b866559b57a1957d5eb7aacfed85b3e1d3af0387d8f64ac051d1cc2ccddf991251cebdeff3b4b4fc0a269c52b02179a3b56c0b7d1f","ssdeep":"","tlshash":"8b41ee0f71889e374cad10963dcb9060a11b3ead59a3444c36eac6ff61eed3452289b8","first_seen":"2026-01-05T00:32:53.003453Z","last_seen":"2026-01-05T00:32:53.003453Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/static/laydate/theme/default/laydate.css?v=5.1.0","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /static/laydate/theme/default/laydate.css?v=5.1.0 HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:22 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d82-1e14\"\r\nexpires: Mon, 05 Jan 2026 12:32:22 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7700,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7700), with no line terminators","md5":"4da4f4f2da318714d1a0a5070adc9f85","sha1":"59d2d47fa81bdebdef1f0ba48ec190cf187485d5","sha256":"a12bf87a1898c5d47f4c18dcd6e84112c77e832534774609124959c52bca0875","sha512":"8d841e4b0a440f5ee7273f64ad8d41795e85f4c9e6cf10fc72e62c8c1b878ca3305dd3d5abc0125a0175db8b2e127d5e414c1eb7352777a0dcc0ca33804457a2","ssdeep":"96:7OyLscW44i4ijYTq472w7hlVYZ4K/Lk5bYsBE2rBOB:7Oo/2fy0qK2wFYq9brBE2rBA","tlshash":"76f1ef7161502cd4706fc322b4ac3cbaaef8dc12dae3165ce5b8621b45c25b7a57d30b","first_seen":"2023-07-06T08:21:16Z","last_seen":"2026-01-05T00:32:53.004826Z","times_seen":16,"resource_available":false,"data":null}},"time_used":794,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":794,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-112e4b95.e5c167a9.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-112e4b95.e5c167a9.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-92c\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2348,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2348), with no line terminators","md5":"a43f9a1a313453beb29395e87b91e379","sha1":"fb4fd56197cc013276db6d2b91a314f67c4eeb77","sha256":"151880825f32b8b8187135a6effca8993c30d1ccf5b9d3603eb9bef6bbbd7f03","sha512":"8c36a7d7103bb30248336019c836861c42c3b249391439bdca4cb0c2dcc4804c5eb203827bf57dd932b6a24cc0f3248a305d142a2f83e3041ec36b42dc8625d3","ssdeep":"","tlshash":"7e41ca1c75ad7420b83bf95172c18cd934a07357926343aabe8030fdddd78e2b32a949","first_seen":"2026-01-05T00:32:53.006624Z","last_seen":"2026-01-05T00:32:53.006624Z","times_seen":1,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-33de8bff.74e00c11.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-33de8bff.74e00c11.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-491\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1169,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1169), with no line terminators","md5":"97e78575922724691380250e0978ed3d","sha1":"6b0522122fb2f11506a2fe0b362676d6f2fdc7ca","sha256":"4579ef710457e952b879edc33ca2d305bb338905736ce768b2296082723dbfbc","sha512":"20d7c89689406eed497cc36f77fa33910e484e1977d56c89d247ef2000959d2bf794fbfdc057213b0b69e21897c3a0d0232294e612d63905cb87aba7a0f1b310","ssdeep":"","tlshash":"be21be2ef58d6888b83bd1283df2b58c7c197a0b66270b3fe4085da6d9435f624391c2","first_seen":"2025-04-21T11:39:25.152985Z","last_seen":"2026-01-05T00:32:53.008053Z","times_seen":2,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-43dabeb8.b7ee5777.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-43dabeb8.b7ee5777.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-db4\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3508,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3508), with no line terminators","md5":"a738d97d3f8d4018a7a79996aa854318","sha1":"52dcd9d0a2548f31ea0c7ca08bf7489dcfcf17ee","sha256":"010fad86817a3fba6d6d02fddf2f98ce7ff1147f93dd0688e890e13977eda303","sha512":"d1480c870d3a5857f550f52bdf68f8ce95131174ecc4b5ffb7be5106d967ca8b49d4223eaf7ddacd8d4b7824bb00907f86ad1ad682aaa5e145f8313481bb49a0","ssdeep":"","tlshash":"2171bbd979cc2020a52fe190f5a3a4f570107b9b9e420b7b9a09f236ce975f36113db9","first_seen":"2026-01-05T00:32:53.009522Z","last_seen":"2026-01-05T00:32:53.009522Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-6b5faf12.46808a0b.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-6b5faf12.46808a0b.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-75a\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1882,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1882), with no line terminators","md5":"e9cb47df762003db682892ed07a06497","sha1":"379712dbb95efa6d009e5c8d88df0b1959faed70","sha256":"3a3590d3ff4520b1a874cc7f943206c21729de6b5fd5c6b6ff1666e6048a0a7b","sha512":"b493397f785d98b992ec53bc0cb601a908e06f46193b149dd893b527b503e3324fa49218e8560c2e57db19ee332d0bb0f605c07b3100cd5c00ce21b9fe658390","ssdeep":"","tlshash":"11415a21730c601c7a2bf35825a146c873093b27e74fb2756d93227bcc235e29aa1b08","first_seen":"2025-04-21T11:39:25.197819Z","last_seen":"2026-01-05T00:32:53.011006Z","times_seen":2,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-2d226378.151c8b96.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-2d226378.151c8b96.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-2945\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10565,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10491), with no line terminators","md5":"396c2a9b98084b2eeb558b9799a62ac8","sha1":"fc459a22768646058eba07cd9e9f28de6ef41688","sha256":"7b65c56fad7ccc3e4c26f649168639b12337276488e770c64afd133ed4a91103","sha512":"54ff364f3c2509ad21d096a5bed7a0fdf6a9b4db20d8b02415a26da0f201da36e339d004d3c9f02d0f0e15d6b688b50318ad7a02d3eeeb4f136164c1e3e6c8a4","ssdeep":"192:fCTXwgkiGQqyQq2WQqsQdGmHJ5kzMaC/m5MMAu658XE:fCTA+GQqyQq2WQqsQdGgWzTCoM8XE","tlshash":"7e227456b452e8aecf5ac111141e1a31e0e13fd99262d08cf7b5cfda6ad0ea0171eb7c","first_seen":"2026-01-05T00:32:53.012445Z","last_seen":"2026-01-05T00:32:53.012445Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-3a584dff.e8fc9fd5.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-3a584dff.e8fc9fd5.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-111b\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4379,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4379), with no line terminators","md5":"e3915eb314634e4d437b7445aba8a084","sha1":"64ed7f5861fe98c2582ac258556f7c97b70150a9","sha256":"78f5f46af3a1923096504c21f4a692f76c31a8b850e3fb54f949d09d26bf1fcd","sha512":"0c49f610755de03b4f02be4b4e425556c0fdd2bd16f617c608adcb77ad7bb69a412d0b87511a55501569ea80a7aeefca544197df0cd779b0ec07394545d9ef9a","ssdeep":"96:1NAid5WZd8FKTpCaWt3JgnLexUoQJiHxC5:QggvIKTyZIL6CiRM","tlshash":"f291841e70c3a82e8e5481b0284ed864b1973e946743c0dcbbf48bc5dad8d38261f6f5","first_seen":"2026-01-05T00:32:53.014163Z","last_seen":"2026-01-05T00:32:53.014163Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/css/style.css?t=1693432000000","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/css/style.css?t=1693432000000 HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-33b1e\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":211742,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (629)","md5":"28cf1ddec162060c1984bf7b642aee96","sha1":"bc5ba6afd118d164fac5c780efcb4597bd15ab90","sha256":"c53ab5b899d825b42eacdc6e5789171e525110516d09eaedbf6e6d1aeeef4f2b","sha512":"4eba4d2ab40144bdb6d4a3aed41a4145eacbe665e0efd5025d0849fe17989c31d6c9ccb1cdd3ba7321b88b4df1d8fce813cffdf3d38c8d9176825a41a943b381","ssdeep":"3072:xuHewU+zSwfwu/zDL4iDF4ROEiJi0Uzbd:xuHewUzwou/zDL4iDF4ROEiJi0Und","tlshash":"bf245659fef11504707b926c6496ebe57b2e8082c61ecd7ab6e23128df4d3c54cb2e48","first_seen":"2026-01-05T00:32:53.015697Z","last_seen":"2026-01-05T00:32:53.015697Z","times_seen":1,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":512,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/app.267c915f.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/app.267c915f.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-6ede5\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":454117,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54698), with no line terminators","md5":"cccf6eea2d1ba56065d34fbd0890c7c1","sha1":"cad3d9fb31fe6de5beb3ab2480076ef1f2b6229c","sha256":"deae0860ce0b9fa81287418fd30f69da867837a747b9d5265e463da776d6a3ed","sha512":"88a78443ed5434765dc66f05e2e6ca3523dd55a5d0bb6093b0cf2740d09148235d737441b66168f45cb94286581232d6dd11f809cbfe072d3b10ed091a11858e","ssdeep":"12288:bSebiizPg+qSH8fkhdRm6pSBMg5GLfR9AkTN+9AkMLTx8fsmNEDZHMcNt3mG+LcP:ZXPg+qSH8fkP06puGLnN+9AkMLTx8fs5","tlshash":"45a47c2d51d96fba5ef70191f1233b855c68cacdf18c946ad2dce3ae00cebc4526b294","first_seen":"2026-01-05T00:32:53.018124Z","last_seen":"2026-01-05T00:32:53.018124Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1030,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1030,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/favicon.ico","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:23 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 63228\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-f6fc\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63228,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 903 x 903, 8-bit/color RGBA, non-interlaced","md5":"33f080dce107348a02227dbe4befe83a","sha1":"20dbbeb00f63939d50adc9d6524a6c2678408c8e","sha256":"0d23d131323d73b4b170dc54596944d04d1d6ceb235885b72b06457084e1fc0e","sha512":"516a4a3b8760b27c1fb5563d140c6255f64b0db2d704a73c0ef1090ddf4c8b532a92f00b22680d04fe6872d3f5084370ae07255229dcc7d273fd9cff9047e80e","ssdeep":"1536:D9M5s0N1CeO/92rrpSp56NK8ohip0AHA/Y9V0qa:xCvYp/61Spwg8RKY9V0qa","tlshash":"9b53df37c2b54177f8b11b3861222f025565acde893da90b84c67c5ea37eaee3c71c58","first_seen":"2026-01-05T00:32:53.019483Z","last_seen":"2026-01-05T00:32:53.019483Z","times_seen":1,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":260,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-84e98728.0319dabf.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-84e98728.0319dabf.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-461\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1121,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1121), with no line terminators","md5":"e37113fbafd5e6dd2d2b6f5f93556104","sha1":"6a74ca8479b2cdb8fdf39f3ff1dbea0c57d3056f","sha256":"57a70ceea14a745abd187dfcb1c4ab37aae8e36d73448a64b5aed7e1ff7e85d2","sha512":"fa38ed96c1dc572345d3b47ab26a215d22385bab92ec17685f7e7695686b9530cfaf906f94cb0b1b38c037c602d00eb8c68fbb206c17ef96f7b01a5c3bcd1d02","ssdeep":"","tlshash":"b821ee7b7019b1092e5babdba02b22f440e10598bd1b0ced7bb8d1d000a59c5097baa2","first_seen":"2026-01-05T00:32:53.020931Z","last_seen":"2026-01-05T00:32:53.020931Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-fa0359b2.fa04473c.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:29.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-fa0359b2.fa04473c.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1ea4\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7844,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7843), with no line terminators","md5":"3776f68841fdcd8f2d91f78983a64cd5","sha1":"e8c2a8813c63d9bcfdc69bbf505d1d791a7b18ac","sha256":"adb92a4d56b81391a30dc1e60b0681f973412add87b4fd1495bd8815f19948d6","sha512":"54fd175c41bb324fe5b973f43d9625a743b09c74eacce738ace7c52503fd6f205b3f79a59d67f74f74c8192265c122339c2ea7e61ad9866a4bcf8e2a10ca4c7e","ssdeep":"192:XZXsHhugfYYNdqJ9w3BDezBgXwtmzsuyFsQ3CBY9QiGlKo:mBugfYYNdqJ9wNeyQ3CBrn","tlshash":"19f1444ea0d0543ede2504a1100acf55f1727f2fa7ea04acf76496c48bc9eb8e94d6bd","first_seen":"2026-01-05T00:32:53.023001Z","last_seen":"2026-01-05T00:32:53.023001Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-fb4b0e6c.24d99bd7.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:29.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-fb4b0e6c.24d99bd7.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-e81\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3713,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3584), with no line terminators","md5":"7d70fbc39d937e7ee51c5cb367c091f1","sha1":"19d552a888106426fcd54e068bbd9a6e38809d5e","sha256":"94a9dbae30fc6edd4764512aa673aed3ff6c57f417ab26f4f6e684365b2cc097","sha512":"1468604ee3315c0d4adeda1735cc295341424655e6c3ccb0c821413a0de352ca21646892adfe44a7fe66f865d95e2a742ac45780883d9c6afd623280733a9fff","ssdeep":"","tlshash":"2a71531e444ae5aaddf040d2e61e05a1a0ab1fd8600510dabfbcdef857ece3417bd934","first_seen":"2026-01-05T00:32:53.024739Z","last_seen":"2026-01-05T00:32:53.024739Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-026eb032.67fa664c.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-026eb032.67fa664c.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-75e\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1886,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1886), with no line terminators","md5":"9d057e70463fc2cc3f04092cf2bb73c6","sha1":"89edabfe90bcc71722e6dd27ac050dfa32ea2705","sha256":"7ba6a03a3ae14221ac654c9daa543ad2014aa86386d186666dbb76ad2db66daa","sha512":"e347bc987886a8fdf8122ea7c3f4576b6d91f7884c6709b3013d57625357daf5cc9aeee85ab425eae3c66180743e2246a030e2ea56984ec9f986813088faa54a","ssdeep":"","tlshash":"df418636d283210cb15ea0247ffafedc50058048562b0f709e953a72cf491ab12373c6","first_seen":"2026-01-05T00:32:53.02634Z","last_seen":"2026-01-05T00:32:53.02634Z","times_seen":1,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-1285f274.4948f42a.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-1285f274.4948f42a.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-84e\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2126,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2094), with no line terminators","md5":"c1eb165ace3b8682265bee4797a2943b","sha1":"28bc49ee875194a72feb07d379db28ac61994c6e","sha256":"6d848e7e68272bc2ce440816566e47dd47a8d90428833c94ebc8233125ba2029","sha512":"5cbeb3b77dc613cabdf4faf7d425fb030d477b07afa19103b83f8468836c4f068b61f596749cb55ac9537b5edda655960b299d7e1cb7ba78da4ec76dd643bcaf","ssdeep":"","tlshash":"5241c92a71d5f4ae2657b0bc313f0a0b61bb36783d290955daa3d68059751fc3707e0d","first_seen":"2026-01-05T00:32:53.029021Z","last_seen":"2026-01-05T00:32:53.029021Z","times_seen":1,"resource_available":false,"data":null}},"time_used":519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":519,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-20f00924.db390de6.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-20f00924.db390de6.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-5eb\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1515,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1505), with no line terminators","md5":"ed4bc07f0da43bc5fbc3ee259a261ead","sha1":"f137f57900221d8f9c45bffa22b534eb22583a53","sha256":"8f65ab20dde08303ea3932b2aa2439f66a39b4a36f5d002a86ed8f8cebab1c18","sha512":"0f2652ffe43a71d32b1f7e828a3b4065e42efe8260e648563573415b202404da3576afffba71019db3bc7693af05fe9d31a6e9ff5de545b94ced332e21ddb0b9","ssdeep":"","tlshash":"6231b54f7083d02c0ae05089a87e2bc571ad3d88693059edf7d5a8c0e336c8c0738439","first_seen":"2026-01-05T00:32:53.030538Z","last_seen":"2026-01-05T00:32:53.030538Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-vendors.f6b7d0a4.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-vendors.f6b7d0a4.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-20f07\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":134919,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"001ec170b4a5a6d8818de2504cfbebab","sha1":"796385458c7168ad095cfa3dbe79785b34509204","sha256":"e0b6f0c561a0090590bba66e11ea72cdeb5e998d979217e76e1b57519bd9d33c","sha512":"db3eb581f84b1415871d9008149c4e637acf95a1f763aeb794b4ee3c5635ec69dc72fe20fce36a6a6815c7963c82551fbb2271eeb7e85d1c60596fc576c44761","ssdeep":"1536:P3MjHFN1YUGp7bbTuy4asbZwuJgNOft11yy1UVFHf:PIN1j67/CyfaFOHf","tlshash":"87d3d42786c4236db31bcd209bc066d5e224c023e5221bfdf1557a2dcfcbb960696b5b","first_seen":"2024-01-17T15:01:21Z","last_seen":"2026-01-05T00:32:53.031625Z","times_seen":13,"resource_available":false,"data":null}},"time_used":792,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":792,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/img/11247.97193639.png","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /img/11247.97193639.png HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-12c2\"\r\nexpires: Wed, 04 Feb 2026 00:32:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4802,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"971936398f5a35bac4ea8fce0077e7de","sha1":"310955dcdd0afb3c2f33aade54c4c76f776b7146","sha256":"d5bd3818f651bcc68fda48ccf3453f9e7a4e8fab7baf0249e18d4ccdc20e3789","sha512":"98a9cbec6f9e2e4fe339169c53e646265d60081e63c114d91f653f8b2ffa7b38056b6d932297a3b36e130b7a59680b8b1a099dc0ea182c5271cb21f99b28af58","ssdeep":"96:eg6IAwtdPhwKCB+tOBZ0X0NFTA/pwWvFl5dWZDRKIleYiomGJaWDnjDPaz:egdAqNZCI6+E4/q+75rU60lXaz","tlshash":"5ca18c69eeaf96c8530cdd0a8bb40a0cf0c02c17f91530e5b61a1d2718dd77d0586bb8","first_seen":"2026-01-05T00:32:53.033151Z","last_seen":"2026-01-05T00:32:53.033151Z","times_seen":1,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-28bf07bd.5410ea8c.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-28bf07bd.5410ea8c.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-4dc\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1244,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1244), with no line terminators","md5":"f493c186763ba378e1d441f47e88cc78","sha1":"69eb67bfdea35b9c087e66434d4ef782520e8139","sha256":"b5c071948a634c0ae72388a277aedd58d8288ef5ef70c18fe8f66aaebd8e502d","sha512":"b9524f4623a4e4d591d55a7a7ebc69e885bf56a6f42c09ec9940a3a34a6861711d9896a84536da7a685644a137f2f84d1f055412b2e0675562d04a744fee9028","ssdeep":"","tlshash":"b521243ffe0c3318d137e915ac826cc87501a337d1a754dbad486b2bdca78f61914188","first_seen":"2025-03-10T21:09:03.04722Z","last_seen":"2026-01-05T00:32:53.034664Z","times_seen":3,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-84e98728.74548757.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-84e98728.74548757.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 61\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-3d\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"8a248bc7ee07b5eaf6ba48f9f2ccc57c","sha1":"d3c679d42dc3c36d16f4fbbb81807b7783de6b8d","sha256":"dae716aee4a869b39078b5665a8c33eef1591e4ccdbcc5b4479799a5118f4bb5","sha512":"47574a93e2f3fe5cf0927b104d848086db0c31f492494f9652f0bfae25a5c81a0929b2af71032f93410e2e1b3fcb42a64acb3340c600c98d40c8c916fb79573f","ssdeep":"","tlshash":"8aa00205f88c4409625aa3ca4484e1e81d345191460007117ed9f2646e573d23086e96","first_seen":"2026-01-05T00:32:53.035759Z","last_seen":"2026-01-05T00:32:53.035759Z","times_seen":1,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Nunito:wght@700\u0026display=swa","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Nunito:wght@700\u0026display=swa HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 05 Jan 2026 00:32:21 GMT\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1797,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"9925f665f38bb0e247b33ba5d87c0aa9","sha1":"59babf56ca3018479c8e45e9c49af189194636b4","sha256":"bbe11c334c95d54047de2d329ffab7d6b06d48636d442247cf68a0d3f6ee5376","sha512":"210d0c2da89693766885e0401391d1728e8d63755a790e12ddbcf5300ad4a76a08db5e9d523a3ef1cfbcc834214b19a2293bb481ea4ecf3e710cf18de3b27922","ssdeep":"","tlshash":"2b31e092045ad20097432cd223ce7e33ee8e610578658876ebfdc888ed67c236234b0e","first_seen":"2025-09-27T09:01:09.41085Z","last_seen":"2026-05-30T20:47:54.552407Z","times_seen":18,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":97,"dns":0,"connect":7,"send":0,"wait":18,"receive":0,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/app.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/js/app.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-2d62\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11618,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"976732ddf8755dc3acce7fef56dca8e8","sha1":"4b56143250fb70ec30778908c2c36aa317b43cf5","sha256":"80aff8468cda3f9a582624afb5575ce1b35c38aacea30297d00af2e1a6259c53","sha512":"11bafa2ad99fa31ee5890f2a94a4f2116dbac5a5cbf34a8b6753013fcc9954c89d3ff103afdbd3f93ca7ce80a7fb1ab505099f0e2e0338f7fc1d2f7536fe9225","ssdeep":"96:3qb2qdbkALgWKotepW1AKjd1KjU5QAgCNBKCx4B7XVd:3qCqdbkAL7XIpW1AKjd1KjU5QAVj4pFd","tlshash":"ff328c85e80514aa5833eb3f5e3ae304f6670357918a996b3cbd8d44cf720a8519def8","first_seen":"2026-01-05T00:32:53.03793Z","last_seen":"2026-01-05T00:32:53.03793Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1023,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1023,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-162602f6.60e5bc3a.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-162602f6.60e5bc3a.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\ncontent-length: 695\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-2b7\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":695,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (695), with no line terminators","md5":"14ab9fe3859accebb1e4023e1fa08cc1","sha1":"a63468aa68d0a283d1928c58713aaca3f385aa6f","sha256":"09da493fb9a01734a9e66dd8f084113986b87cc79c230302010cf8258f7bf7dc","sha512":"0eae425dafef1ff77afc9808d9b8d8c88a4c67d831736d43a517ca8818669e1427faf2fe3bb1744c0754dd8912819d555b0684c4acf9e1836f5a3e7902e36b90","ssdeep":"","tlshash":"d301940d789d1218b47fe230fde245cc66156b2b6273e39ea408953ecd83d65903f160","first_seen":"2026-01-05T00:32:53.038865Z","last_seen":"2026-01-05T00:32:53.038865Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-7f0c267a.cc790e8c.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-7f0c267a.cc790e8c.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 525\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-20d\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":525,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (525), with no line terminators","md5":"11daff2e12f6be9ece5a2df3613f319a","sha1":"16499f2269c40cec652ff598d1fa46f4af825c91","sha256":"9f9e3ce5d337f582f030f3372f45396f775128cf4ff04b943c4a04b1e754a4ab","sha512":"ac76de30b3408501e88e8839097bad820f706faa9a62b106209e402b6d5d1848989d89a5b57b34c56a11208d017360e12f0f8cf18ed666f9e12f368ea6c16e5f","ssdeep":"","tlshash":"78f08b502182a11cfc77963131b348dcb252988b865b973a58172ff2c8c34c652351aa","first_seen":"2026-01-05T00:32:53.039969Z","last_seen":"2026-01-05T00:32:53.039969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":261,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-17da66b5.30849117.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-17da66b5.30849117.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-30dd\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12509,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12389), with no line terminators","md5":"767d0137384586936a422f8d68c107d2","sha1":"212576477bdb06c6246cf294ee12c6564620f2bf","sha256":"0948ecdaa833584d224b06620414947bbb87e867adcd432875cffd5c3b641c5f","sha512":"e9d25a1dfaa4677e9629e2290d24bba3b156171c3ab76dbfd59c1f48ecff44c648a7975c061731a74f13df442d53fe592879be47fac816cdfbf1e8df561128b2","ssdeep":"192:huk3wZk6SIFCDTTPIR2qtpkOkOPHY3bOEf5olcuuH9R1SeivVjAYRB/XI0oO0Jmn:huWTPZqGFLpR4JtcCBboxJLlV5i","tlshash":"8e42bf5ba4d7dc2eca982592b10986546e721fdcbe104186b77acc94e380d3c6b2e5cd","first_seen":"2026-01-05T00:32:53.041024Z","last_seen":"2026-01-05T00:32:53.041024Z","times_seen":1,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-2d216dc7.b2c5cf64.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-2d216dc7.b2c5cf64.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-621\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1569,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1569), with no line terminators","md5":"cbcffdd4d1942934734147abb6c1f5e4","sha1":"af5ae399c5a9c1729f59d23a3bed61730427767a","sha256":"5c4ae32abe84de48f5d4b8a6e680c45d9550300bff76f15c035593d39c2484d0","sha512":"e2c59d612bf1a33283bad851c72d40dac7c214edaf29cb43db9941231cee6b03b55f011a6614999ee9c91f0eb04a74de5f007969e161d8ecd22c15fadcc2065f","ssdeep":"","tlshash":"ae31532d5049a82eccafd266261be621f0473e599fe380dc777686d901f0c74622cb9c","first_seen":"2026-01-05T00:32:53.042034Z","last_seen":"2026-01-05T00:32:53.042034Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-7f9e73ad.526cd56d.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-7f9e73ad.526cd56d.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-2bd8\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11224,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11224), with no line terminators","md5":"175fe139ba6d6aefc96d65a30e235617","sha1":"692006289f0b8a683d21203a5668cf20fbffcaff","sha256":"49bb9faebd9ea3eeb0fb2f2a87b6e69ffbdad0c3bd1e1918382377145d30714f","sha512":"896e3fdc893a5e58898fbdd8fe063cefcbf47ec6205a1724dad5b0615394f47bc96f415a4cfe260de6530f231cc0666f2f82d196e702445efd8c3c3457add0b9","ssdeep":"192:a98fFUIPGoYIxp7UpgWNphjM88qvjZ88269MyirkzoXytQoW:08NUx7aZzWNpH8q28l9MyiAzjDW","tlshash":"b832f91ba0d3241b4bac9151602e961160b73fd82252c08ebb75cbe5ebe4db4252f7f9","first_seen":"2026-01-05T00:32:53.043171Z","last_seen":"2026-01-05T00:32:53.043171Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/img/11248.0f5076a6.png","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /img/11248.0f5076a6.png HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-11c6\"\r\nexpires: Wed, 04 Feb 2026 00:32:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4550,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"0f5076a6c973962872176aedb72772d6","sha1":"c70a5ba6beab302a7bdeefe4430d5a01cfd605c3","sha256":"2783b04e2d51798c8065d40e0f8b6145dffb586c297be8e480285d73943355a0","sha512":"99766f07d0268c11fa1bceb67eac352e3b694fca034c8cb9b8a352a37741e4bfe53e4687ad6a9392be8127e5db37780654c8e791b4282aefc36906f4eae8562c","ssdeep":"96:MWtcFSdOOGi/jlsmBLCAEPCOGl3zG2gC3FeA+w4LfhGb:MWWsdRG8qmLCAEfGlngO+bLZGb","tlshash":"77918dfa78a8067b927a61d94d1f74749c09f2afdb047dcf24209877701da987442f0a","first_seen":"2026-01-05T00:32:53.044305Z","last_seen":"2026-01-05T00:32:53.044305Z","times_seen":1,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-42656bd6.bd18e37f.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-42656bd6.bd18e37f.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-931\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2353,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2345), with no line terminators","md5":"febf69be102a789500c5c9e7e28fef80","sha1":"17820d32320efb7812cae2feb3264e050ec3efe1","sha256":"22fa5863e8ade110c861e48914fb81aca2de17417ec7c39588c40cd9fedf394a","sha512":"dc9915ddfeab6c8b4dad473aac3fe7d4967bd2f63f707560044d23244eab27e729fb4e19d9617f393a5f71b3180fe41e23a729c465cb3c3db29f81071497d329","ssdeep":"","tlshash":"d8414407d18ba92dd9be4197500e8675b0647ff41a22c0dab732caa845d0cb91b3e755","first_seen":"2026-01-05T00:32:53.04543Z","last_seen":"2026-01-05T00:32:53.04543Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-29a6111e.97d1e99e.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-29a6111e.97d1e99e.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:23 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-64ea\"\r\nexpires: Mon, 05 Jan 2026 12:32:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25834,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (25686), with no line terminators","md5":"bc4bfd754010678f481a1e1ce963d3b2","sha1":"eabdf7fe68935d4a5c85059bf7122296f2ff2288","sha256":"a524c79cc99fa2d6ae158cd723443ef2a254e485a9fdd627e9b3e79a61d7eecf","sha512":"3e5c5d927867a5de597f8ee6a1a89826136a21e96dd325063b76ebd07d754560d0df26b7d3aee11f87d22be1c39da6fae10640e9f3fc4390218af5a4685b802b","ssdeep":"768:pI8KepOZbmRgz7vpL0Axd5QaKQ5BPruKzZ8iOdPwCgBWarZDY:pRGbUgz7D5gQ5BPruKzZ8iOdoCgkarpY","tlshash":"a2c28d45a8cbd9bcae6f9531620d1630e46a0fe9d338d480f3759da87ae0d740b1f92c","first_seen":"2026-01-05T00:32:52.921177Z","last_seen":"2026-01-05T00:32:52.921177Z","times_seen":1,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-1285f274.b8d7f80b.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-1285f274.b8d7f80b.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\ncontent-length: 164\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-a4\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":164,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"db7cf67bc348fe60a389910d34bf7066","sha1":"2a6dc6e5dd1ec4e5ad6d9faf74356bbbb3d9a558","sha256":"0f545022937f9026d8759abe146664df986ddc8aa7ea66c8b13966d2992064bd","sha512":"d56234fad3106cc65f0dbb8441ac94a4e3593dc1e3a7f1fb3b3d0750a1ffa3273e3f3569a24b40b488e2a45371c40972047184edb197c6258d7e05e9b692aca4","ssdeep":"","tlshash":"80c02b10342d7cb1a3eff04a10b161e0a43333894b3c00e241d34536cfaff61a990ac4","first_seen":"2025-04-21T11:39:25.145839Z","last_seen":"2026-01-05T00:32:53.046834Z","times_seen":2,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-8d35449c.c0f4119c.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-8d35449c.c0f4119c.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 349\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-15d\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":349,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (349), with no line terminators","md5":"87d0de5012a4696d91a649033c74e1c2","sha1":"ff4d46a46c1d79f62ceab130736a94eadfafa650","sha256":"cd62d37cc4aa4b736ec09fdb86bc0bad0882607db266de52089e404dd42fc9e7","sha512":"ef9ad336ffe4f27bb55bfa5152b53e699cf49b601fb43ed319f93b94a48b3da7da923047e078bb14fe49b73c4241e7db3ec8c2a17b1aa5e2a8331429ccd24ce4","ssdeep":"","tlshash":"3de0d848a2de1114b837f468ba9244cc22c77b13356347c9fda47434c6c2e54e130144","first_seen":"2026-01-05T00:32:53.047446Z","last_seen":"2026-01-05T00:32:53.047446Z","times_seen":1,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-beaba276.91138634.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-beaba276.91138634.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: text/css\r\ncontent-length: 613\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-265\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":613,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (613), with no line terminators","md5":"62aef0455407f296071dfd2ffa4d1017","sha1":"0c99feb7695260d33fa2cea20481288124cfdfa0","sha256":"2a0fd9a03ec602e8f98f7182aa433431a6c82ef96c4a1fc5c831d07af65417da","sha512":"07eca3faef1f396b0d2f690a3870ea1b0f18ee5b442c7cb21a495dbe5781ec0543e261d028aeefda2fb067d1443487988712135c005a54dd1f91ee5c055d91f9","ssdeep":"","tlshash":"56f0491a2527107be4e7f0007ff26108728d75a2c986d277656b8e1981aa15931b7485","first_seen":"2026-01-05T00:32:53.048629Z","last_seen":"2026-01-05T00:32:53.048629Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/vendor/chartjs/utils.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/vendor/chartjs/utils.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 313\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-139\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":313,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"61c7a1f5471c4d9807f22deb62bbb414","sha1":"81f129bc8eda58a0e5dc242ce30073bb74e4f1cf","sha256":"63c4aac2748abf84217c2df8437a69d57e7a5b00e18c11cc84f0f3e2c4dd34db","sha512":"37db95199999859d0b34a25a688258f9eb93762bf6230a54e227cf4945ac66358c19271cb09ccbece91dc3a52b4bfc34be6a0cac50f0ff02b6a2d764823e8d1a","ssdeep":"","tlshash":"79e026edf4665cb072177360088f1d0ff22dfc228d3d0a51d4115120672a42e00e2848","first_seen":"2023-11-20T03:27:49Z","last_seen":"2026-01-05T00:32:53.049683Z","times_seen":8,"resource_available":true,"data":null}},"time_used":1554,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1023,"receive":531,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/img/favicon144.png","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/img/favicon144.png HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-170c\"\r\nexpires: Wed, 04 Feb 2026 00:32:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5900,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced","md5":"781089489ad3ca52f0aeca50f35ec14d","sha1":"6088d319db10daca66022fb3dc2b9869f940b7c1","sha256":"6d983bd6299c200fc14b2f5059a05684c966ef869b77bdbcf20f5c5757efe9ad","sha512":"2cfe4e2d4f8512a9fc251e8ad71f7ceb2fb08da23395c9e2891a9d8c5455ba81f000c4c517617d433c8d1016096d63336c50840b655593349639055b0aec1cdf","ssdeep":"96:MSMknmWIp4/7NG0+SGiHYIJ4HeH3Uqii/s8+NkhIgdGdJ0uCwW1j+quUfbb6Me/G:MSMknx34IJ4+uNkfoZ92JfCBe+72qYPH","tlshash":"dac14c08f503cc20af4d7238acfc542b067b6f805f1253a5f8ccc96659a19adca5d8c7","first_seen":"2026-01-05T00:32:53.051013Z","last_seen":"2026-01-05T00:32:53.051013Z","times_seen":1,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-747090b7.eb5a67a3.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-747090b7.eb5a67a3.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 626\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-272\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":626,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (626), with no line terminators","md5":"6a5d33ab619b6c707b1b9b811ab3c150","sha1":"c3a0e1d8ba0d66e8c4f9c6050b30f8f7522fe491","sha256":"c631ec93745c189627ba68b55d2dba7efa6b3f4b5b949cb1fa391e18db4a4052","sha512":"634a9b51e289953da92be1395a2d2a3c031653e374c49f64544187102f6ae7b34764514d1bf188a350c7689d1ff06e475a36d06c74b301e3860d70bf2401e4f2","ssdeep":"","tlshash":"59f0ac18b75c9922b833e12af8c2c8cda21433236366a314be933437ec87dc174715d5","first_seen":"2026-01-05T00:32:53.059276Z","last_seen":"2026-01-05T00:32:53.059276Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-28bf07bd.b741619a.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-28bf07bd.b741619a.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-20df\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8415,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8283), with no line terminators","md5":"1cb53de31774887a2d910e9b2371707e","sha1":"644673d0aa33d4020fac1980cd5990793062661a","sha256":"cc78526aff08b48def63ceff109afdb664a22c8bb1f07ad9f697673a41beaff8","sha512":"5485475060af2a219d40c5a6bb018fd98b5c56f9407d3a53e936a3a240225da39d118d8bcde3d7e0fc479fef887a3ea6f88a6e2e1c0d3292af3b5486bb3f569b","ssdeep":"192:Y/v8DDD5KjpfdlD2TuzOVYmHE4Y9gofI25NUCUyuNr:Y/kDDD5KjpfdlDhaYmk4Y9vNUfyuNr","tlshash":"b602a511f2069c268f2dce9d062e78ba61b83e7f7015c9449377c15246acb28977b22f","first_seen":"2026-01-05T00:32:53.060754Z","last_seen":"2026-01-05T00:32:53.060754Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/#/","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T00:32:20.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-22dc\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Chart.js","description":"Chart.js is an open-source JavaScript library that allows you to draw different types of charts by using the HTML5 canvas element.","website":"https://www.chartjs.org","common_platform_enumeration":"","icon":"Chart.js.svg","categories":["JavaScript graphics"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}],"data":{"size":8924,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (8924), with no line terminators","md5":"f4665009b0ae34e14f935e57b8d1c989","sha1":"e092a9ac636d775b7b14b1cb3ec0c276d68bbf9d","sha256":"f89da8daaeccb60036eb322c26ed40ee57950f5afa8d9f7c38a4bbfda2cf59fc","sha512":"81ca16d8f514491e1b410192f66793544299df6257a76a6b7dbd800ec6ab9c9c676aa84025caa591245723e8fc44c9cf5808adb2078021a0c2028b482ef8b68e","ssdeep":"192:aQgcW4SGZt1vbIApURKH9wExlRlcbPNo6ry/+mlxi/lhNKHFyt2DitFyODG5TRgU:6NLA4aECWPOBCM","tlshash":"c6026d75d45061af6934de3feb60bbaa40eb5b6d1830e870c6694f3de438bd44726443","first_seen":"2026-01-05T00:32:53.0626Z","last_seen":"2026-01-05T00:32:53.0626Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1357,"timings":{"blocked":546,"dns":27,"connect":259,"send":0,"wait":259,"receive":0,"ssl":263},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-0b9cf106.b34d8941.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-0b9cf106.b34d8941.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\ncontent-length: 444\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-1bc\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":444,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (444), with no line terminators","md5":"6cb7b5d95242cec31aa7fdb5eaedbd9a","sha1":"4d97c2aa6b0e9ac3c177dc3e3b7365228a6da91d","sha256":"9a5c7c3ecd97149438df08accf85db5a48d87a6b2f69396584c9c3c5d601ea29","sha512":"6a37d0fe25e9fe1bb507169115bde6889e4ed24187157e9d1addec43fc7a8199993c2ff16c36b8885ed1b26d518671808fe1e8635277cab1d8c31a33bec1e981","ssdeep":"","tlshash":"ddf05c1ef08e100db43fe218fcf15a782039c58787260b3d503c75b086bb1d6225eb51","first_seen":"2024-08-20T12:21:33.672704Z","last_seen":"2026-01-05T00:32:53.064205Z","times_seen":5,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-0c1b8fda.67ecc0dc.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-0c1b8fda.67ecc0dc.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-7dc\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2012,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2012), with no line terminators","md5":"1b1ee3748b41b0acc7289fec3ea6e88f","sha1":"d434b64d4d1069bdbc1351a06349b3180890780f","sha256":"9c480db44aecec1ec6736978b3e1fc934ef8a9d987bcd575b3b1f5f52129e249","sha512":"3d4ac53506183ab0cf20fff4a78c974289594a25264c89626b7c6f996f4e40852110250c8acfefcd277fb0ae2629c9021f37a82b8e33b0c55a7b5cd95f68c2a4","ssdeep":"","tlshash":"ab419e95714ff43cb03fe899ed926bdc3134da03e2170b689d5b6e708b8789336612a4","first_seen":"2026-01-05T00:32:53.06673Z","last_seen":"2026-01-05T00:32:53.06673Z","times_seen":1,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-20f00924.fee96711.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-20f00924.fee96711.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-5a4\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1444,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1444), with no line terminators","md5":"5083123e10eacd6e30f9772f812ff2d6","sha1":"da91a1408921a9c5106d6b8695a5a17d513dff0a","sha256":"b3604fd4353509a1a676ea8deb47e38c3c697cf8211ec578b99932e47517efd7","sha512":"78f0970391f1446fa86a0322ac1c6894993c5cc304d3e2fd714ef28b6186c2948d6dfa5a6fb1751db8f8f2885bfd39e416f32fff18e69e8707f76998b291ae6a","ssdeep":"","tlshash":"b631be2ab10a2008be7fdfa1b9e6eac8319935175d530f68f1947ba68d43167b0163d1","first_seen":"2025-04-21T11:39:25.161576Z","last_seen":"2026-01-05T00:32:53.068346Z","times_seen":2,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-3e5f50e7.a43d3ab9.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-3e5f50e7.a43d3ab9.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-bc0\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3008,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3008), with no line terminators","md5":"e9c7435074420196219d13acb104ed69","sha1":"868a41d0b1610a07601ab1f1d326c5f8ae4b9313","sha256":"2e15cc1bd7e503892032b2ffe99f0e0710e44fa74814944f31cb9bb4f059e0a0","sha512":"68d7d172e2abbd9da2e6255c72dc28bf814c616ad526a0cc38e3fa0a1d1bece9f0f1780bf19d08b2ad7ef226eb28d5ff479eea722ae7199285368d874cb6bfd8","ssdeep":"","tlshash":"e0517925798c7011b03fe2807dccd5fe3150e7535d828f699920e43a8e8b5f36225975","first_seen":"2026-01-05T00:32:53.069646Z","last_seen":"2026-01-05T00:32:53.069646Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-0c1b8fda.7c882c38.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-0c1b8fda.7c882c38.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-b00\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2816,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2775), with no line terminators","md5":"c73450e31f7d2195a30be9d378cefc67","sha1":"b67b968f21184751ad14415fa45db0702e1d84dc","sha256":"d205bd68ee1d7f0dfc70714c6ff968be758dcfc1e4c7e3a6ccc615e304af62fc","sha512":"9f14f62e04a6b438b5962dcafca1a14c7713a35d89a1b992ed56c7d4379b34d6ab5228f64f614c22210315c19ca3abc496fb45b34bf9cc09b192cdfd0e9855f7","ssdeep":"","tlshash":"db51731990c3a829dd2512e62c1e45b4f3ba3e58dc0951ddff789bd1a3906bc07287f8","first_seen":"2026-01-05T00:32:53.071152Z","last_seen":"2026-01-05T00:32:53.071152Z","times_seen":1,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-20ce56fd.a33070eb.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-20ce56fd.a33070eb.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-3864\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14436,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9312)","md5":"602564e74338fe84e6b45fd509246459","sha1":"361b61dac35402a005e0e85cfc9faa7cbf7568a6","sha256":"d75228e9ef0b8f91a1f12485bff6c0ff8c86bdfb5f31807aed5f16f6fa8ce7e0","sha512":"4a47105e8671ff23508cb3ec24f5be9e488a7199adf710fe7211b0a28aff8914b436d6cf52b0fbd09bf618de1cb9067c9b9b59907dc2da4559cc1432838df965","ssdeep":"192:fRjRlty+tRCeY4rgLKM0JQ7EoHWFxJG/HW4LylSGSO0T5lKorw11ZfrqNLLN7X:fNRlty2RF5EK8yFxJKGh0T5oJrqNLF","tlshash":"1a52d758b0c2b4b01eab60b4502f950af276ba55718bc480d778d4e5aeb8dfc0563f3d","first_seen":"2026-01-05T00:32:53.074761Z","last_seen":"2026-01-05T00:32:53.074761Z","times_seen":1,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-65bd2fc0.3054e169.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-65bd2fc0.3054e169.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-39d4\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14804,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9244)","md5":"7e025b5d833bbf1493e51be9cc6c65c6","sha1":"5596c50588436dd5a860b6339939f293e2213559","sha256":"a01893c517bf14ca1ad1bb6f78c63b4819db84df6bc9be20cc704e46f7aa2fd1","sha512":"b4fd72cc9be31d2c33dbd0a0c726bed469f4339fbede7d6dbf02172b2ae8a827de08d6a4ef20fac78cb87a0fc844fae7de47a78fef120253ab214dd212f0e40c","ssdeep":"192:/tj/GzV7n1/E+MK7F37EnHCFxJ8HW4LyCKDSC5yTjllrg1NZnDnSlrNm:/tj/S1s+J7F3BFxJm05cTjsDSlrY","tlshash":"a262d959b2c1b0b59aa720b5512f9606f2726955215ed080e33dd4f0bcb8dad0a3bf3d","first_seen":"2026-01-05T00:32:53.076791Z","last_seen":"2026-01-05T00:32:53.076791Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/img/11246.f7c63c4e.png","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /img/11246.f7c63c4e.png HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1329\"\r\nexpires: Wed, 04 Feb 2026 00:32:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4905,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"f7c63c4e70a2f24a4e9422bc7af8270c","sha1":"07b5cf1ce6c734a0650f00b821475e0ee60a55c6","sha256":"ec3170e0197eeec51c730dc38c66d3667a5e59ae65cd3f1f576eccb440eba14f","sha512":"0341e0d9f7cccfcce7e96222982cedcb82b7ab480ee8f364e0595597c20aabefb33201c36b5918a1a2ee37fd6bbaee8aeca5103fb6130c0e49b8590509101a2f","ssdeep":"96:yD9RJSowRL6KSf5Ir8bNrLcDSfDVO3lCDt3OoJQpAKahJ3:i9RX1VbVdfZGkj","tlshash":"28a16c8592a57d67aa314ba2f0d870d4f0c7582a233183a210e67879cb7dd24d1daa5f","first_seen":"2026-01-05T00:32:53.077938Z","last_seen":"2026-01-05T00:32:53.077938Z","times_seen":1,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-1b9a77a4.98992237.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-1b9a77a4.98992237.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-6c2\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1730,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1730), with no line terminators","md5":"352781aadc639ed844137068c44d1cad","sha1":"f58c96217f77ea0a1c2c77e4ba6da841af4965db","sha256":"9a938cca47d1aa7b910da37534591c7fb8a4bf18a725acffb108e747c9884e78","sha512":"245a0e8e5436be2e48ebc9d92f6a489e72a1a54837da4949da63daedca43de9dcd78aca39be0cc4c9dd1828eec102208eab3533c4c616bce0e32eea394f2da34","ssdeep":"","tlshash":"96312679b5dce1a0782be95172918cd870006b975553039dea32b47acec3df3b22d994","first_seen":"2026-01-05T00:32:53.079298Z","last_seen":"2026-01-05T00:32:53.079298Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-42656bd6.f5822695.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-42656bd6.f5822695.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 484\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-1e4\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":484,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (484), with no line terminators","md5":"979a2e1eab4a98cef911a1168767f2a0","sha1":"d97ab9edadf6d4c3f66fa49a5c067adbc9dada69","sha256":"10418dedf3f232c167bf7a66dc52cbe1a185f5157875bc0718fd58058879cf63","sha512":"e2b941d42a92e5fe49f5089ea6429a0cfd8d16cfe4a0bd0160e28753996ed9374ac8c8b4b86b7e6f453dc1040ddf0b1d11abc3299fc56b4d53dfa7dcf387cbaa","ssdeep":"","tlshash":"07f02e529a4d64357c7fd160b29309cd35417b1bb37387a6eee07039d4c3c411530348","first_seen":"2026-01-05T00:32:53.08069Z","last_seen":"2026-01-05T00:32:53.08069Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-33de8bff.f8e3626c.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-33de8bff.f8e3626c.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-e12\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3602,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3602), with no line terminators","md5":"f95675df88b507eb0ee067b181b8648a","sha1":"735e2ccf7e01769158ec6dd3e45e647b15314a08","sha256":"55953a1200c2e03f3be3ae1ec97215164e9309dc22d2aa21a23436a3c3899377","sha512":"ef0dd7c5915333e85441d0ce021ae4459081f0f9ec4d9100400c3e2e6e9ddc1afc2ebb8dedd489d4c7704bdf242fa4f38f777fa2de77bebbf665e98fb3d1a15f","ssdeep":"","tlshash":"a3719815a0a3b42b6aad51c1601fe35670673ee811a282edbb72cbc4c7c1994371b7b7","first_seen":"2026-01-05T00:32:53.081989Z","last_seen":"2026-01-05T00:32:53.081989Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-747090b7.39c16d34.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-747090b7.39c16d34.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-5dc\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1500,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1500), with no line terminators","md5":"cb0cae8b28b76b58c25cc9fefe438636","sha1":"f0bdd18e87e3c3de18d415dcc933d543ca91247b","sha256":"cb146c528f547d3f538096b288a1d936b4c6b9885ce6985b177dbf63e3dfc899","sha512":"2007779a893bc3260a52581112b89e0d919130ebfe0c4c7980bb6f5f981f5df9499c8b5c3884d7f633b9e56261951271eac276103d43f12ba28df94dd7ef5856","ssdeep":"","tlshash":"e831972a90d3d51988796092101f3e17d0293bd44f318497f6f4c3f4a3a0cbc071e555","first_seen":"2026-01-05T00:32:53.084152Z","last_seen":"2026-01-05T00:32:53.084152Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-bb5dcdf2.cc3e6347.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:29.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-bb5dcdf2.cc3e6347.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-e51\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3665,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3663), with no line terminators","md5":"84955325a61152086b08d60ebd930923","sha1":"c9231fc65cf89926593b102a62e94886f7d4ebe7","sha256":"55044989825e96bd1b85d95181111076e983f7625ef4629eb21abd818528e71c","sha512":"1826262626ef33f050300d5ec725f8fdc8d241e0d43873232e101a9e1f22e011fee60223547c321c953c171b4d36f1d136470f61ea5c9656f68dfa13e574b256","ssdeep":"","tlshash":"3071446f30e76c2f0d0d72e0702f8501a296ba5bbe87845db2f959e40a95d3c113da65","first_seen":"2026-01-05T00:32:53.085293Z","last_seen":"2026-01-05T00:32:53.085293Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-beaba276.bde16021.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:29.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-beaba276.bde16021.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-8a7\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2215,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2069), with no line terminators","md5":"90a10a999a47b16cba54131c9517797f","sha1":"b717df72109bb8e41d12e94e2685c54777ead04b","sha256":"b6b77db47a0b4740aa320780ebcdeed4558fb7f76db77430b80062510ef4b5fc","sha512":"7342631163fd01b6f4f0343e817a8baead2cfe839cd0472afd2733551e7330a25a871bb592cbb04b3dceb36d4d039433c1d856ed85fca492e28bd42036850b55","ssdeep":"","tlshash":"3941ba55f4a79269d83e8041512e1a71e0392fd84431d0d3fab9c9bab6d0e785b0fb8c","first_seen":"2026-01-05T00:32:53.086446Z","last_seen":"2026-01-05T00:32:53.086446Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-c382b554.1895ab42.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:29.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-c382b554.1895ab42.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1b92\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7058,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7042), with no line terminators","md5":"4499706cb5d3cc7487d6b8c2c2cdc891","sha1":"434ea555d7f7514f9e47380385fde4ea5453213c","sha256":"c7b60033415ea9616adb4b91390c32467a917dc510160a9c4a99323ce06ec610","sha512":"35ec9f2c454325df5a8f59518df698a7e4386488424eff171a13b3de93acb25572a5cd94e004d640d58fdd0d6308cf093f0a496493ada91a8f2f7d3f6ab644f1","ssdeep":"96:IoyneXVi2q4Py4EJMvMvVcEtmZkQYr6qg+iGNQDLR7kFTOYLVw6T:IomeSahUvnmZkQIDgDGqDLlgZwY","tlshash":"fae15223addba12fc96950a0215a0470b0312f945612e4cef7bd95f69ed3c342b2dbed","first_seen":"2026-01-05T00:32:53.087423Z","last_seen":"2026-01-05T00:32:53.087423Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/main.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/js/main.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1183\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4483,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"ed108653c4f86beb972803c21c3e09a6","sha1":"996a4f141976770ce83cc67a36e748282b1eff0d","sha256":"52b5d73107afbe8407a70f6b361ba46389511c9df73caeff422fe26ed499b5ce","sha512":"e9ce03ea254da5b4c6fd8713cca95f02a2f1f26052c7edb136c31082d74b05bb354436afb6758b43a96b9884330a36d1f4ebf7a90d9c788d03cf14d359c48cc3","ssdeep":"48:2kPsmDVGtu5kHBtwNCrZXZ3Y0BeRMuQnz0XQgKzaF4aVoiytiGkYvT+aD5Ilq6y+:rVN2UC/9BZl6441pGNbVdIlq9MrhgKF","tlshash":"e2911048b15075a691bb33364e7f9188eb3d4167c2418390fd6c26c46fb01d8a2b2fde","first_seen":"2026-01-05T00:32:53.088552Z","last_seen":"2026-01-05T00:32:53.088552Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1023,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1023,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-0581bef6.19e09280.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-0581bef6.19e09280.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-13e6\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5094,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5094), with no line terminators","md5":"4364f2245361f9cb40c0acdc820276bc","sha1":"84f9a201da01f15e8c390cdeb9a283a7bada31f2","sha256":"5df3decea70e64c05793f93ec2fede80a57ab982a8e9bc03728ce022628af016","sha512":"f8e201aba12bf046469dc431dfc075db4099203dbd7ebb021deb65672c460b3628dce4b2aea9d5598e95d3609e1c6a800757a911bfe172bc40d089388f4bf3d3","ssdeep":"96:9+eHE9OH3lNftRb6D4at/PTPZYQEy19dArtLaHU:EeF3nL6BjPA1Z","tlshash":"dbb17e32b27cb518f83bf116655e9ecd3154935be2232168cedfbe26cd4a4473d21286","first_seen":"2026-01-05T00:32:53.089562Z","last_seen":"2026-01-05T00:32:53.089562Z","times_seen":1,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-0aa26432.9d636ef8.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-0aa26432.9d636ef8.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\ncontent-length: 965\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-3c5\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":965,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (965), with no line terminators","md5":"bf1bd68ca6be2f1826e7389ae45a554e","sha1":"5c0f3dbad5b70f6e2390777a185043ca9f3a9a6b","sha256":"5b1242b5c32b97994cad043e3d38ff6a1c16aa185f1ba32241ee21ec9c98c980","sha512":"a57faa0053df16552f4931c31548d17231d69057f56dc1fdd8a54122492c5e6526a551d936d7f13fa83d71a1516f57b6181f59f40de26c7dcfae6397d32d69ef","ssdeep":"","tlshash":"c511560da02a173bb03ff0187ff2008a30513592909fc271542c8b22899b929b672e99","first_seen":"2026-01-05T00:32:53.091017Z","last_seen":"2026-01-05T00:32:53.091017Z","times_seen":1,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-51207ce5.f657cb59.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-51207ce5.f657cb59.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 972\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-3cc\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":972,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (972), with no line terminators","md5":"f8fca565c8bc968ad07dacc21861874b","sha1":"6ade22c167f8e70d98ea7a00cb93025ba79066c3","sha256":"b0b2788c2884124c6e3b215803c13af534c60b25aae5a89a025043d2db12574b","sha512":"447d77218bc2ac3bbc66e715c31caa75780d43c411d13928f111540e98764a4fa46ea5a2de44d37bc5504f925f07271a500d2c99c126bd1d18c06b726251f018","ssdeep":"","tlshash":"1d119b4d7d996122bc6fe9c9b259c0e5206027a319132363df1269388fc3df3a1d1b46","first_seen":"2026-01-05T00:32:53.092992Z","last_seen":"2026-01-05T00:32:53.092992Z","times_seen":1,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-694d2023.16eede1d.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-694d2023.16eede1d.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-12fe\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4862,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4862), with no line terminators","md5":"cff567635e6c75bf7f3d74bd49e46dfe","sha1":"a0d95f59737e4c1ba6f350dcec7acdd6cc93b7c9","sha256":"b358c1d45dd9c9fdd67e234ef31e16460ba2c533028e1a7317c7ca48e1391bc4","sha512":"1297b8047867c25243122b5b71884c3316f4925f11047d6aa8b198d81345ac4f2a287f1492c84cc9bb8c04ba3c8c863099f36bf9cb147a2f9481e632a33f94d8","ssdeep":"48:fXx0gzawCwa1w3CoawUXVLNi2lolzcal6RpcTpv1SaUfRRaUMQI:fLGwpa1tjwOLNi2lolzDl6RpcJoRQgI","tlshash":"56a1ab33f3983804bc37d1523d507ad8b065b20793275614eea6b936dd4b8dbfa2134a","first_seen":"2025-04-21T11:39:25.136854Z","last_seen":"2026-01-05T00:32:53.094024Z","times_seen":2,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-1b9a77a4.82fd0a69.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-1b9a77a4.82fd0a69.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-33e0\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13280,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13262), with no line terminators","md5":"d3f82ad7581b08d364b8a646622d57b1","sha1":"91f7251749e910d8db1834be2120da099c9d4100","sha256":"aa2f5863a86074434e8f380419d1f6825b5de8fd64f3428f097fda84a02793c2","sha512":"9999e9c13b2cca19dfb1da2189bf39ae13bf1dfbbb0cd300c8812cb7a96ef7636ae2aef47c430144590f8bd26001ed52e6ab9dfe208a40108ea57d61b8ba90b0","ssdeep":"192:pgOHz0sSybKyQOO9ggy3mwS/NaRjTIKJl2PN14+UqLp3wCw6Vwl0Z:pnKyQOO9ggy3mwS/NaxNP2PN1jKCwOwI","tlshash":"94520812d893a807cd2ac256714d563851322e9e1961c18cf7b8ece927d46f81f3dbec","first_seen":"2026-01-05T00:32:53.095284Z","last_seen":"2026-01-05T00:32:53.095284Z","times_seen":1,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/vendor/swiper/css/swiper.min.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/vendor/swiper/css/swiper.min.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-4d43\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19779,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19512)","md5":"26c92f1366428c2942321b2b8eecd909","sha1":"45d2889c50e7617b37efbf0c5c270aefd22e2d00","sha256":"cfbf080e7ccc96464af2fd824f0335f67c209a9a9b09262246d046a97f5b9ac0","sha512":"9e49d8474354cbba31bc6ea72589475f535a228ceacecc1930aad58705cf727536288f7e2501ea278530dd9d9cfc81f7925244a0ded38d81a02e0ca7e7dca775","ssdeep":"192:Q7aNf/lSSyJWCh8zfi5o/mXDN3eBxwdJ5c:Q7a1/lS0Cifi5o/mXOGJ5c","tlshash":"8992622c17003057e6334f1a87d99778c724c9939e4358ef6250ee48c7bb96a32af766","first_seen":"2023-04-05T23:05:54Z","last_seen":"2026-06-07T08:06:12.391086Z","times_seen":2295,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":512,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-bb5dcdf2.4da9096e.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-bb5dcdf2.4da9096e.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: text/css\r\ncontent-length: 833\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-341\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":833,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (833), with no line terminators","md5":"f287d1901ac02403fe55220c72165f8c","sha1":"0c25aa02b829f6cf3a558f72cc88fe0ee48b3627","sha256":"7d55cf0aa92bd9884d58f9870b0d1ecd1ebe1b79efeef150e402cd2bdc730764","sha512":"634ad216ca5b1717881a3faf0b9ee590049ca0d9db69b4d2618c711fc0ba858ef321f352fdb84d6c775f3e336de764ba68bb06358d513fd3825c682775fc45a4","ssdeep":"","tlshash":"3701e91bb44d9017b77bd2c47891c5ca75952b03e90347a9b5483ef88d93ead3123a4e","first_seen":"2026-01-05T00:32:53.09699Z","last_seen":"2026-01-05T00:32:53.09699Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-1eb93e74.61df11f4.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-1eb93e74.61df11f4.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-4c0d\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19469,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (15633)","md5":"ce4b00776796059d7d5c3ff3ee086368","sha1":"9039c0e9f5b06e813ab618516ba1a177f5757e13","sha256":"4b0def298ee04311ba855ce32a7ef96420598e355ed25c2e4a35c39a2db022a6","sha512":"ef932e5e28336cfa1e653783d28912c52e5902b0ca73b3da82d4122021900b6304ff84e154f7c097bfa63fc9d7d37452f298baa98303828554753025a3b9e87f","ssdeep":"384:gNP2PN1jKCwOwpgrFxJV/GqWfGCnyl9hYy8O+8X5Bz6NfTePEr:gNPCNkQwGrFxJ0/tnWfYyEM556NfM4","tlshash":"c2921d99b152b0b29ba76599501f520af2317a987007c0c0f639d4e17df8dad0b6ff38","first_seen":"2026-01-05T00:32:53.097969Z","last_seen":"2026-01-05T00:32:53.097969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-8d35449c.900c3242.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-8d35449c.900c3242.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-726\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1830,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1780), with no line terminators","md5":"a154125fb000a5181513d92abdf19715","sha1":"d238defcd9d6f387c982019704780b78a8a9f6db","sha256":"d19700004b8f8d358872f705209f9251ba4ddac34a70ff9a8aec0ed23b3c8c0d","sha512":"62f1e89e97666762965ddbac004eb511c49b6ece62a2a0e7b20cad80de077e6c6dc5e1d9535a44df7911b9e5b47061321a82f328a33bab317181fb706870d8fe","ssdeep":"","tlshash":"2a31e346d477941ae87d4086b11e7261903237d81a12c1c6a9fd89b4e694c783b1fbc5","first_seen":"2026-01-05T00:32:53.098966Z","last_seen":"2026-01-05T00:32:53.098966Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-f2df2314.0f60c3bb.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:29.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-f2df2314.0f60c3bb.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:29 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1822\"\r\nexpires: Mon, 05 Jan 2026 12:32:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6178,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6162), with no line terminators","md5":"67db33fa2c38da2d38556273c0d171b7","sha1":"5d4f82bee895a08fedb0b349805eea7513f5dbd0","sha256":"72c145dfd420f054684c65645d90c705932ca93dbadc54a16c912f7b7ef8080f","sha512":"ae0aac97c7d8b507f4a4302aad3bdbcde91423206e7b6933a4de373651899b9895956c9125a14ac884a6ab70d4d047083bab86c186f173e04b66b64359f64c2c","ssdeep":"192:CZLhegXp7Gc+5Ae7fV04impnzGjKvx5t6DLS:sDXp7Qdby4V18S","tlshash":"30d18e7d9053ccd796c645ec420b53fadb20ef0ef95c99cbca68c2717984c15a0268ec","first_seen":"2026-01-05T00:32:53.100027Z","last_seen":"2026-01-05T00:32:53.100027Z","times_seen":1,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@300;400;500\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Roboto:wght@300;400;500\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 05 Jan 2026 00:32:21 GMT\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"5f191b7c1870acb645ede78ab273db00","sha1":"f378b07759bed7536b73c68717c5dd948260c4b5","sha256":"ad1858b92854e4a7c6061ed231802005df55d4de964fc358939e4c1809468920","sha512":"0e75a5359e94320e96d6f4bf69fa0cbae3ecef5f76b53b81c6083dc0f5f023af3a2e1a37e233724bad25f5632f90f2b7e563bf66b79874e52792ed201a2c681b","ssdeep":"384:pKf5KgKPKrKyUK/qY4+K4KYKpKfMK1KWK6KyhK/qY4XKNKtKiKfDKOKdKBKyaK/v:pCJmwBUiRDfMTcfFBhiEymDcTYeBai7n","tlshash":"5c7200a1041750009b834ce223cebf35fe1f52517142d0b5abfdab6b9dcbc66526939d","first_seen":"2025-11-19T00:19:15.299348Z","last_seen":"2026-02-19T21:48:22.606097Z","times_seen":992,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":108,"dns":1,"connect":20,"send":0,"wait":22,"receive":0,"ssl":108},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/vendor/bootstrap/js/bootstrap.min.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-ea8c\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60044,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (59765)","md5":"02d223393e00c273efdcb1ade8f4f8b1","sha1":"0cc93b8421d89c24a889642428b363cb831de78a","sha256":"79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582","sha512":"339296df3b6e2080a65488634aa5ded35a15d9ba5edb8f203b1aa695c62b13302fc2cecfc37cfa04ad2219baf0bddad4414862dde5e0b71a7923c3c3a3d61f8d","ssdeep":"768:wfAnnayQIk8HVheIE8Dg76TXQI4vPKMEK6viTlCDFm4n6xOp6Pxg3/wCVaAk2:wfUnTcWCw6xJxg7aAz","tlshash":"0343a54a7254787206df747a817b060bb3366c99a50a816cb8699ced2f7cd483277f3c","first_seen":"2023-03-07T01:06:50Z","last_seen":"2026-06-07T20:48:58.39682Z","times_seen":13954,"resource_available":true,"data":null}},"time_used":1029,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1029,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-4060a842.60ae8f81.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-4060a842.60ae8f81.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-bfe\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3070,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3070), with no line terminators","md5":"b6126ee0ee7a1409e533d6bcd2d1ad7f","sha1":"f22efd750ecce4727e6dad11b356d7c876cc9075","sha256":"948db3b3d6f3377968b9310fcc68956b22c8cd51cc5ba5ce9c94899962615b83","sha512":"e5669b1075b9d9c49a0f43d95ff946bf7b52ad58cbdf4151eb48baad57f04f8e18455f2a86e62672fb0aa1f772512dec7c135ef91134db511d05fb00b539dfd8","ssdeep":"","tlshash":"7e51525d78bc65209c1be79abbd0c8d5051c77138e066361e7207cb84ecb5e26173c6d","first_seen":"2026-01-05T00:32:53.102101Z","last_seen":"2026-01-05T00:32:53.102101Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-65bd2fc0.11274f4a.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-65bd2fc0.11274f4a.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 459\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-1cb\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":459,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (459), with no line terminators","md5":"bef63a3365e6310b2b36f133e9861beb","sha1":"82eb208a729959f28d4dfeb4ac053ff685744b7c","sha256":"8ddec0f9f798015bf25566346eb7cee61d2cf0ff087039b6322942e4d1cd9828","sha512":"899ca7ac842a15b843d4a9e21c07a2bd167de2258e4ce4974dca9fce1ddc9877fd70f37df71181292877dd89bdcb00eef717071748f6c07cbed73507f4a1d09b","ssdeep":"","tlshash":"86f02765e9cc103d78efc090eb0263eab9052b232163a3a9e9042675fd43af0303220a","first_seen":"2026-01-05T00:32:53.103035Z","last_seen":"2026-01-05T00:32:53.103035Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-c382b554.0eafbd99.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-c382b554.0eafbd99.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-b46\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2886,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2886), with no line terminators","md5":"e79d0666a44623bf95b2c2a7698801cc","sha1":"7e2c22c24283a3fe2b977525ef20d8b4b6395af1","sha256":"469fb3edd225a1a0355dd9f8b05fc113d807fbcc252227e679ae2c8e38dec5f5","sha512":"978e52f8460cff34fba6505c7c853ea1f5ffb248d85408c960213ff137c07c42c52a8fc18520e12d9b7a28d17b738e2ef1df9f120af9a5d8dbf12fe7e375227f","ssdeep":"","tlshash":"d251ab20e11d200ab13fd0216691588f31119bc75b3f232ba885fbb5cdc7592b22e35e","first_seen":"2025-04-21T11:39:25.199899Z","last_seen":"2026-01-05T00:32:53.104035Z","times_seen":2,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-fa0359b2.47e15ecd.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-fa0359b2.47e15ecd.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-423\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1059,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1059), with no line terminators","md5":"47f190d2b4a679520bbb10f1172e80c4","sha1":"32a5313f9d20836f38cae3da67ab305b811fbc02","sha256":"18940fae90e75593d4696da0b8fec1478c919507017c2b926b48214ebdc61624","sha512":"a4013515d69f317e95d1ed7b6d62741d4c7c341f8c714c3e65123874450ed4bc2c40858b92a5e9b5dffb24fca4e55f0296402797734ea1bb96eb84fa6462aba9","ssdeep":"","tlshash":"0c116d1af54c2009fa7be29ffc9254e430b2d94f57120735e9d177658ec75a23392345","first_seen":"2025-04-21T11:39:25.141439Z","last_seen":"2026-01-05T00:32:53.105045Z","times_seen":2,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-0aa26432.cfae6767.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-0aa26432.cfae6767.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-722\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1826,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1754), with no line terminators","md5":"5526d6b665e5ec7a88a3b7e745f7cb0a","sha1":"cdaaeeeda6ef9e363a44693b72675d8208473f77","sha256":"8ad7a5f8fb0625f1950e96397855d294ee0fbb6499b353f58eff8a9ea3c3acbe","sha512":"f1ba6255bad450d38fce0f237972e5cd3b5c5ee671601cbfc2271a7396337d1996bee9fb744e13421db55aae5d6d494b926a274fd4558b46ee7727bf2d2a07e5","ssdeep":"","tlshash":"1b31df4ef0e3926ed43ea041712e1532e0311f984511d442a6f4c4ea77f0caa471ffad","first_seen":"2026-01-05T00:32:53.10643Z","last_seen":"2026-01-05T00:32:53.10643Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/static/laydate/laydate.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /static/laydate/laydate.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d82-687b\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26747,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (26344), with CRLF line terminators","md5":"9e74dc1a1b5697ab070cb9c7adb5ac49","sha1":"1e6bbb396193994151bd348cdab730bedb04aa34","sha256":"5ab07e6bee1636349d1e0cc8e68bf88ddbd1c87e6781a80361a74d1462ca1e35","sha512":"20555e7a38010bbddc09f432b847d47f70005a21b4891eaa7cb55fd7423c11dcbea9d7725dfbbdef3cb2b5b15b26acd8967e2366571a718ce6a5db1ed1f2704e","ssdeep":"384:JmU32p5yipnSwmZhKnO36zlz+Hbk2enSel:N32pSVhKnOKzlzCknSel","tlshash":"94c2e94ab44a79e782732067114f010db67985bead068424f45be4f66cbcc5b123ffea","first_seen":"2023-07-06T08:21:15Z","last_seen":"2026-01-05T00:32:53.107385Z","times_seen":14,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/api/Common/BackData","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"POST /api/Common/BackData HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nuser_id: \r\nuser_token: \r\nContent-Length: 13\r\nOrigin: https://sx92.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":13,"data":"{\"lang\":\"en\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49987,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f94bbb71d6a68b3d11de458ae6180c14","sha1":"39ea75c4e83b6b7f3f9c606d0b212ba55719b83b","sha256":"7131a38e167bd7767de99e5db4371c0f36b3c3368759202530087d1e2381fd83","sha512":"fc408b8d4c022075465c1e8a22a9c25a0f4d3d9e0f9b63bbffe3c88fc807e33102a3e4624e919375020448a3411404ce8d9ce73653b0c5da5a5e474ac3647a5c","ssdeep":"768:bTkHwug/BrhOIp6FkykzWkjELIczGi4QaK:0QuurSajXYLxGk","tlshash":"c8233106f35a0320a99244d6f75f73f775ae144ca302187968fc9eac128e83e67767c6","first_seen":"2026-01-05T00:32:53.10799Z","last_seen":"2026-01-05T00:32:53.10799Z","times_seen":1,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-1eb93e74.2123a951.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-1eb93e74.2123a951.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-79a\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1946,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1946), with no line terminators","md5":"ff35697d341ccc0abef9f0af7dd1ab2f","sha1":"1cdaa514365ece2fb25457a1611ec50b0d43dca4","sha256":"40c76fe9080d08b9f32f80e271b750323158141c10351b653490c72b72caba59","sha512":"bc87400b9204af69eaead7cf61783e8cd3365a98b7b2e0faaa536997a21babe3b8272b172095ad0534a6d6a959fc16032746d35863f1ee6eea4c2bbcea0a7f72","ssdeep":"","tlshash":"d741ca69b5cca034f07be847269acce93521b76399124319b9672429ce83de12f555c8","first_seen":"2026-01-05T00:32:53.109074Z","last_seen":"2026-01-05T00:32:53.109074Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-edd04454.9da32c79.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-edd04454.9da32c79.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-683\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1667,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1667), with no line terminators","md5":"cc343bb6e0b87b0ea47dd627c8c4cc4d","sha1":"3ebbd7aed900b5bb763780db16d06ae4dadd966e","sha256":"954668788a8350344db69d5331b671bcd2d3c9ae379276ea98547206fd6f1a0f","sha512":"ce7a8901f143ea9ae3fe71c7ffb3fd5c1c08973b87e4298124e7392b3a1394a21d56493ec6437b65b7bade93de3cc1ae36c656092d4e56da509de2e1fe5f0d83","ssdeep":"","tlshash":"70315739bd8e10d572bfc88af54267cd270262134a2537a1fd41be399ee35a221316c8","first_seen":"2025-04-21T11:39:25.148936Z","last_seen":"2026-01-05T00:32:53.109999Z","times_seen":3,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-026eb032.ee7d8238.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-026eb032.ee7d8238.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-eaa\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3754,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3618), with no line terminators","md5":"5f5110923a605d8a077730aea6180c0a","sha1":"64042845bf8f216976627f7dd9583c23e1881c42","sha256":"4d981db5e3c8f31786a3d5467a570a11c216dfd742af0ef3312d86a80457399d","sha512":"8fa0f753ce2809c52611a6400f65f038676a872af0d11aa536b55a74bae20e0d09ab4c4840bf910f008dc0adce2ceb08eb78557e73d57e3098755a33b8bcbd07","ssdeep":"","tlshash":"d971a0003baf94ac5e3ce54502bb590025799f19b457aa0e7c51ced9f328bb0dda9f2c","first_seen":"2026-01-05T00:32:53.111036Z","last_seen":"2026-01-05T00:32:53.111036Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-162602f6.14c6e766.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-162602f6.14c6e766.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-7d8\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2008,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2000), with no line terminators","md5":"bf166014a897c1a4a063cce1baf49569","sha1":"b63f7cf9a3ff5307077661e84735c2f34028edf7","sha256":"2ea3549d4fdbd3c9ad671b0816272cdef9beae0e3fae94513c4d1c9e6b71dc63","sha512":"67ce14ce516dbe1c2a79d2c6aafe676e30161973f5bc3406da519378b2c1e7174c1b3ca1887919a35c5708eeff950d5731ed9d3b342670cf9b9707c66660fb8b","ssdeep":"","tlshash":"7c41421c6093540a75bc9180356eaba170673d841452d29afbb68ad0d5818553b2bbee","first_seen":"2026-01-05T00:32:53.112053Z","last_seen":"2026-01-05T00:32:53.112053Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-559b9ec5.f447dba4.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-559b9ec5.f447dba4.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-17fb\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6139,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6137), with no line terminators","md5":"d60d94eca65cb3b2dd6bc517559d5ebf","sha1":"3da8c0af92c5bc55061aae8d47f584a9777b515a","sha256":"0f7692f744f7719662dc1aa7d7f8e9a911e6b6eb41b88ef4b725fabf2e0e0151","sha512":"a5743b1e6ca0ee8fe0e0fe9c08251c80b522d9ece1e48a27e9ca83ec0021f6f858efd21227132b055dc53e2d72b24fa97563190b028eef44a282c3c4d025dc55","ssdeep":"96:fu9DoMQIJ9GvtO+ElISv/0E4YX/ch+kEafVSfV42:futcOoSv/dUhVEatStJ","tlshash":"b6c17604a05b988baa7d5085208ddb3271723e9a4441c18df7b2cfe4cad8e35371ebb6","first_seen":"2026-01-05T00:32:53.112997Z","last_seen":"2026-01-05T00:32:53.112997Z","times_seen":1,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-45ba4b62.62477e66.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-45ba4b62.62477e66.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 922\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-39a\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":922,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (922), with no line terminators","md5":"0395737db20505703753b45b28b4cf95","sha1":"33730bcd2c0e930620136d85436be282ae11b9d4","sha256":"e632032b8ba230dc5a829e9e59ed7a39b08db35f687a5cf264827af887984718","sha512":"f038d5b0c7d94d6703fbc510ab132cbb55e265e0203db1c80080ff40076efa18ebdf3420b2bf4ae69cd932b2b7da75c59fd403d715ac4bd79882f4d8283b298a","ssdeep":"","tlshash":"e4115b0aa09f611fb56be0207ef7157d3040e65744d683ef492a9e3182c63a532771a3","first_seen":"2026-01-05T00:32:53.114048Z","last_seen":"2026-01-05T00:32:53.114048Z","times_seen":1,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-673c562a.892b9719.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-673c562a.892b9719.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-6ff\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1791,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1791), with no line terminators","md5":"3ab7ff6224adba5b6ef2fee7e14ee058","sha1":"c73c7f0ad0626d529dce0932832a7252bc648ec4","sha256":"20c09840cc512ec848a4559a68d099ce18bab6d9e7a5c6c6b29ae3b96c42ebb0","sha512":"e1bd78252917e0fb50139b64457c491e82701b489e074685cb5b5fbfedbeae634ce7deaac06605a3a60345aadb8f37919bfc35995495b8a347c26bdf47d9b6a7","ssdeep":"","tlshash":"5431329a710f328ca03bc19a6992cfb474337f33d2824bbee902291dcc8b9d33521409","first_seen":"2026-01-05T00:32:53.115068Z","last_seen":"2026-01-05T00:32:53.115068Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-17d96eca.a116bfb8.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-17d96eca.a116bfb8.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-7a8a\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31370,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31346), with no line terminators","md5":"2410700e97f210125c15109b9a025d30","sha1":"2cbca1cceee100f0e07d05e50d22bcbd973a17ad","sha256":"47f5b145d6868c0e1ad63f9ee1d04b9c0642acd5fcb2d0021b91cb9e2660eae5","sha512":"85f83afb0cb46a52cf905fb3cada4c8b960ede1b99bb71b5d8c7f1a8ff126581ad2b824fefdb03221d860a74411529000e6acac163b3f68591ee7de4c5ca9d06","ssdeep":"768:oII8KepOZCW4H+LKe1nH/y4L0Axd5QaK9pQfKpjQIPXT28oqxhBvdu:hRGMab5g9pQfKpjQIPXT28oqzS","tlshash":"71e28d126087d9ae8d5f8450111d9f3165a63faee524a002f7b5cfe5a7d0fa01b1da3c","first_seen":"2026-01-05T00:32:53.116141Z","last_seen":"2026-01-05T00:32:53.116141Z","times_seen":1,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/app.3961f75b.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/app.3961f75b.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-3aaf\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15023,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15023), with no line terminators","md5":"fec7adf0beb32ac17260d278e644a7e2","sha1":"5482e955c649804e8b8273b519e120361afa36f7","sha256":"f3cae0fb5ad26e7d9461c5b9fde9a6ba98f5c639ff2806c60bea0a1c67ef64cf","sha512":"d7119a91f7c0a064a6819d0a08b978a318c56de72a2b7abbaaf8e456e8e81fce249780818cee991f3e8d9d1a17bf8098d82beb9f97f6c80434d03f305a9b7602","ssdeep":"192:WAHvhUbGPglqY0NYK3c2fCpqI6o0JOgQ5Z5Ex3iMktvYG74nulgxp2sGBI/UxO6j:UgY1KrI0TOqxKYY4npDtUxO6V42XP/lR","tlshash":"61629966f198312a753bd51cb2d4dbce6134aaa3ae0347e9f112b2158fc36d2332174b","first_seen":"2026-01-05T00:32:53.117322Z","last_seen":"2026-01-05T00:32:53.117322Z","times_seen":1,"resource_available":false,"data":null}},"time_used":775,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":775,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/img/11250.8ed7cf55.png","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /img/11250.8ed7cf55.png HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1510\"\r\nexpires: Wed, 04 Feb 2026 00:32:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5392,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"8ed7cf5520dedfc8cb5cd7770a0e3367","sha1":"b3687aa16265a6a6095e038683db7d644dc2b7da","sha256":"50a75dac2069558f09e574dbaf1522e0b9ac8841cdff4ab544cf8b685b775253","sha512":"5c2a09a23d3c9f5c56ff143ef1bdf3aca7499fcf9e559370339048308794e1d80ffaef6bcfa4f313e6bede66812057196da731de597fbd7fc61640dbdcce6338","ssdeep":"96:Jy8eFreNdco4FV8GzktM9sDiDLEFTtvt97RmBOWT1tptHuy6uAv1d8ChurNt:JxeZYdX4FiogM9sUEp97ABOiZtHxhahU","tlshash":"6eb1af13369f9661de7558fd3280f80fe062d755e0b8662c763e941dc911c039cea848","first_seen":"2026-01-05T00:32:53.11845Z","last_seen":"2026-01-05T00:32:53.11845Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v32/XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmdTQ3jw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/nunito/v32/XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmdTQ3jw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://sx92.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 16228\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 01 Jan 2026 09:58:45 GMT\r\nexpires: Fri, 01 Jan 2027 09:58:45 GMT\r\ncache-control: public, max-age=31536000\r\nage: 311618\r\nlast-modified: Mon, 15 Sep 2025 17:03:35 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16228,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16228, version 1.0","md5":"28a2cf182b1992676f2f2dbf649c6948","sha1":"fd0ec8a34598c34e0fcb4d2f5b9c06d318e994dc","sha256":"fa89300b9bbb3bd0f60d6991aa055965d98e2ccca27bf8688fe0c39cdc796846","sha512":"a27eeb6a31afff7a760cadfbcbef39cb9e72ed439581de838d5a817d153492e1b0a34f34266eff8b128c01c0b73c9ebf7975d77505534bc6bf1f3d7323e496e5","ssdeep":"384:ARn6YYidKUkvOtExLc20hSOobOuhVs5Rlg2ITq20rKsc:ARtZMv9Lc+OqOfEHT0rKT","tlshash":"e872e0d97e232db7e15d06bf513274716017be6813ff58db66eb0e25a21bc0e816c480","first_seen":"2025-09-21T15:39:12.070123Z","last_seen":"2026-06-06T23:22:55.06406Z","times_seen":548,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":56,"dns":1,"connect":8,"send":0,"wait":9,"receive":2,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-13aaa7c3.84add3b1.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-13aaa7c3.84add3b1.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-a5f\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2655,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2655), with no line terminators","md5":"b087e9dcdfb6f88be6faa8c2d0b83b30","sha1":"ced2a596182e486c563532f982b5a4e6c64018d9","sha256":"ef25b648fabe4f1b85e0bb1f04a22f546f976f600a08e8988756eedbef9f2070","sha512":"a12ea50a71c7d1acff2794d0189966b619e3edc72df6868f2df05a9f22bcce793996f069bae4f1cf83c998f23a49fe217c8854d83a092c7655dc5f4ce2ac9776","ssdeep":"","tlshash":"7251be7bb50d3009f937e1f0f995518822b46a0785362729f2182ba4cf83da37b197cd","first_seen":"2025-04-21T11:39:25.153838Z","last_seen":"2026-01-05T00:32:53.120246Z","times_seen":2,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-fb4b0e6c.3f6948c9.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-fb4b0e6c.3f6948c9.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-2fd9\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12249,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12249), with no line terminators","md5":"db93595ca256abed31a8f228f5b8315e","sha1":"cc5b9260d8a3c320fb2e1c30d04ea50d66e22110","sha256":"e2f6a5350d712c54babcdb017437d48049175b62cf3b5ec56893fea18f57dcf3","sha512":"9368ee703ddc36355c00f365f2972c620174ade669f2209846a1da7a527617f113fcdf3ba1b655ee1e3caa36b93ef06cbf5fe4779ee127ff2656fcaed6ccdd41","ssdeep":"192:dXJ0nWN28IPfvySMjHeZvgSmfSC8Qx+DRyI5sDHqE3biPasOAW2XpjdcW42Axdjs:dXJ01lvyl+5gSmROcdDK2biP9dxXpjSK","tlshash":"9642b520b118703ab937c66d7461688e733093b3a616537a9ed5ed3bfbc324236623d1","first_seen":"2026-01-05T00:32:53.12086Z","last_seen":"2026-01-05T00:32:53.12086Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/vendor/swiper/js/swiper.min.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/vendor/swiper/js/swiper.min.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1e700\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":124672,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65269)","md5":"c78e8d2443c29ea6501af4b1844e4c73","sha1":"7c477aee5043f22f4b8a0e6a574be43cd35dbed9","sha256":"6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370","sha512":"d590a0b5ed061ec2cdf7a31a768df63b266a98f9fc60b8ae6f428ab770b5852f88ca4fea2c3be05b5473361e7ee4e1214620e228a18efefbbeabadae251edd21","ssdeep":"1536:/ArVAiT53aBXr1nuNraK8h78lucfbyYDk5PJVzD5vp0XvH7WcWUwcPqojsE8EtOG:RBXr0rJ27UjmvD5ufH7WcWUwcPqmz1b","tlshash":"f0c31949b35071d551e72256539ed601a3b62805b90ac0a831b2dcdbadbde8c03bfefd","first_seen":"2023-03-07T01:10:44Z","last_seen":"2026-06-07T08:06:12.413749Z","times_seen":1481,"resource_available":true,"data":null}},"time_used":1027,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1027,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-ea5080a2.61b782cd.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-ea5080a2.61b782cd.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: text/css\r\ncontent-length: 490\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-1ea\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":490,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (490), with no line terminators","md5":"0fe6a68bf46f6d240d4b484636f2e421","sha1":"9a34fd3e42b8bb5f53c90f86761c5c5e8362a691","sha256":"7553be300a7c4134ba15a3c31fc8f277ee342e242a84346a03298c0cd967f17b","sha512":"8fa39ad92fe48d20a306790784ff65f67ab7fbce267945fb255f49e8717c1b9d91d778df85080a07584baad0f56ae50e2be31bb0dcd890ace61d162a369b974f","ssdeep":"","tlshash":"ddf0279db40f025cb0f7f0d43f8208ce38921aaaf85d4223ba1cefa186cb8e570b4141","first_seen":"2026-01-05T00:32:53.122896Z","last_seen":"2026-01-05T00:32:53.122896Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-7570261a.0721ea0e.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-7570261a.0721ea0e.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-11cd\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4557,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4549), with no line terminators","md5":"bdef10c0cb6b242da3e3302bed0fd3f1","sha1":"fa08df4abdbeeb71ff113802fca2b06441468456","sha256":"75edb211ab4acd65f849d3648f82741459daf6a40090e23bad4968f2a1792167","sha512":"a58a565ab9008ad6b5e941f9899b8a189ea87aa77e5da7b65f849097d681c530a8c50ecd86a45719a107c03f5516f1c64ae526a65df36a43c823e3b778b7b6a2","ssdeep":"96:C18cFXkceuhMkcftUcttEcDNCcsTgcgzZUc33eRctbac4jUchDkcWC4U5KR2oPd:K8ykqhMkSU4E+C7gpZUQgia3U0kV/pd","tlshash":"839124bae0a4091b8f5f7546745dc5e1b263242fac4e8bf093d8728c27c49ecad0574e","first_seen":"2026-01-05T00:32:53.124003Z","last_seen":"2026-01-05T00:32:53.124003Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-1562511b.d9f34101.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-1562511b.d9f34101.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\ncontent-length: 692\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-2b4\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":692,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (692), with no line terminators","md5":"f47134dfba5d63d77621800515ce4ed8","sha1":"fdfb2c50fd12e1ed2e0182b7d5c51bf221439a4a","sha256":"ffe3575dab8300dde6648218924471c838adbf26f57de0a718e195c6b1745c05","sha512":"11d8204e733b1b2d1cdf8f87eea9846ba3c0bca080dc399eefeb01768989723c800ef0b817d929879aa26670134d933e4131f98d0f6439dca125c95c7185d37e","ssdeep":"","tlshash":"23017b2d7c4d6118e03ff3207dd2598e6326e6476327034eb844b525c98bda9232e142","first_seen":"2026-01-05T00:32:53.125316Z","last_seen":"2026-01-05T00:32:53.125316Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-0581bef6.0213b244.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-0581bef6.0213b244.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1342\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4930,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4914), with no line terminators","md5":"6bf39b816046cef2f5ec4dfe8c4f46b3","sha1":"549af8b6df1863f441b8a340e9be9d05b42ca585","sha256":"ccd760d99217669cdc95cb444229a4a79ba9e3fa40fec8b88ddba839bda421a7","sha512":"6872dea620041ee2dcac7647b4ff40a277072dca647c9d16af43f0d370abce88131554156353118dff617d7895103a9ec67f37853b55f58e80d88ae9ef14d2f1","ssdeep":"96:UZaSeOCsvfRqzDOUhWzrg663N5Zk2wDIDdvQFXZ3DTV+SyipDUGsCBEZz:UZnRfI/aoJ3N5v5M9BL7B8z","tlshash":"c5a1cb12b1c3b26ed5399022ae2d2c34d0745fe49412d895ffb485b46ad0d785b3fbb8","first_seen":"2026-01-05T00:32:53.126547Z","last_seen":"2026-01-05T00:32:53.126547Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/jquery-3.3.1.min.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/js/jquery-3.3.1.min.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1538f\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86927,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-06-07T20:24:36.021577Z","times_seen":133811,"resource_available":true,"data":null}},"time_used":1032,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1032,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/vendor/chartjs/Chart.bundle.min.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/vendor/chartjs/Chart.bundle.min.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-313d9\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201689,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32933)","md5":"5ea1f27eae85d0471fb4b639c9496907","sha1":"88671274cff7d908a79d66df527b8f03a99d3269","sha256":"faaf9d1824ab55b7a3777303bb32472ac936797778b05e5760431f3d9b0e9d81","sha512":"d2a3410d980e2a563c7d58b7f08313faf16415b45d8788c97a10d1df57e7ddaeb5569f03a02d57484442216fc0815b3ed318d122e6ab6c1066b7bf2fd5bb5bdc","ssdeep":"3072:A1cKqXHVDQHJ+Mc0HzBCKd6QFmmjHl9+3:AediHJ+Mc2BCK5FhHl9+3","tlshash":"ca14088d7282712653a712a4042f050fa23b7954284f8a58f676e8d67d7cc9f61bbf3c","first_seen":"2023-03-29T20:56:13Z","last_seen":"2026-06-05T23:22:27.660234Z","times_seen":50,"resource_available":true,"data":null}},"time_used":1023,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1023,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-376ffe94.0ef83cb1.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-376ffe94.0ef83cb1.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-14d8\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5336,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5336), with no line terminators","md5":"ace5ae825043e8c6621f6c29e682af22","sha1":"5ff469fab376c483d587ce9956c71002588c0ff9","sha256":"0f27056d62731805ee4549e19517698acba775376e5c667e162efd1c2c1874ed","sha512":"94435fdfb1235363c924090832d5399413f20de6b9b0a225af9c5d2954e12abc85f81498cbdc13058cabac988da50a76d0a31b4cc23fd5b168c30f8f0cf5550a","ssdeep":"96:pleg03KLPV0qihUfUSvlaFv/2UOudz4NdXd1dRdvdodVdfdOdndw4xdWdWxY:plYaLP/RUS8FvxOudzQdXd1dRdvdodVd","tlshash":"00b19061f1ccb138767be11175e59fc93080a30395a6ad95fad4392a8dffe513b2028a","first_seen":"2026-01-05T00:32:53.132193Z","last_seen":"2026-01-05T00:32:53.132193Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-673c562a.8fa88449.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-673c562a.8fa88449.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-fe7\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4071,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4071), with no line terminators","md5":"446ce303f9c915872f5f200c481bcfd0","sha1":"368f155cdef0eea6389cb28439fdcd21ed6c8089","sha256":"4edd9e00f73df95cdeecc295806b043371450913ae41b685e174461b70ac6ff8","sha512":"e7095219133ce6732bcec42440e3f892336754b15ca8520fe239ce4d122c473145eca948c31c4eb851d7de10fe51f77622826bc87942b4654127d2a6dfe96e6c","ssdeep":"","tlshash":"718183069093245f9abd6048649ddf3121b33a896886835dbbf7cff4c6cca50121fa7d","first_seen":"2026-01-05T00:32:53.134068Z","last_seen":"2026-01-05T00:32:53.134068Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/jquery.cookie.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/js/jquery.cookie.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-c31\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3121,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"ff516650b7cc361e06ab22516b6f10ace63cff721158449d881965f82cb0c7bdb6bd6a","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-06-07T18:22:52.696199Z","times_seen":17202,"resource_available":true,"data":null}},"time_used":1028,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1028,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/img/11249.0de141de.png","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /img/11249.0de141de.png HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1367\"\r\nexpires: Wed, 04 Feb 2026 00:32:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4967,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"0de141de237bc41c8afb8481c62d4e35","sha1":"333635f41e66e672a20b49240e2b50702b4f67ee","sha256":"3e693f287dc948446baff5f68f5aba100ff52d0bcefafe898a7819fa0921ced2","sha512":"b22897894bdc4eea6a87a89d0a9c913855ee45099a2b6e5dabcc384bf5cf2ff03a31ad59b50ab72ae35605aec5ca690e1d48782cb8a252b52983942e92cc2945","ssdeep":"96:JosdZgg3b21h7eNYq+Seb21dSlS1LvzAiALW0Il9i+72c:JNDggbmh7oW94dSMzsi9i+77","tlshash":"80a15cf25edac17183f8a165076d2a44f4a55a7b04557c2287526c3e04af57c32c6c5d","first_seen":"2026-01-05T00:32:53.136436Z","last_seen":"2026-01-05T00:32:53.136436Z","times_seen":1,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-60058516.1822bb7e.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-60058516.1822bb7e.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-51b\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1307,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1307), with no line terminators","md5":"d25d03e0d5d5afb153f7b165eeccd914","sha1":"20aa47101fa6b9e6cb4cd3de3a18528e8e45b531","sha256":"a82b98ce8739994f09b04b8e627a7c589c6448c00728cfafdcf91ba47a7dfea5","sha512":"fba9ce9bab5a7460fd090a38dfabf5db439c91d98595ab162f23339690d4bfe64dd5b4f6cf29f5c198bf63185c54fce63f886a3eaf4b46bf59452968a4de0911","ssdeep":"","tlshash":"3221488bb8865013b5b3e140bec2d3bf06056261ca564f7482b91e394ac70d632afe5a","first_seen":"2026-01-05T00:32:53.137907Z","last_seen":"2026-01-05T00:32:53.137907Z","times_seen":1,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-7570261a.11edbc76.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-7570261a.11edbc76.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 896\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-380\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":896,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (896), with no line terminators","md5":"0ae9501aa84ca69dc37b8ea7c07a6978","sha1":"f2689b284c746f8c0bf03386ccb26c91c3bbaafc","sha256":"8447efc89dba8de6b83d5e7e51fb5125287692b151592145be53ad6f49a9a7c3","sha512":"2a017dce800590436d5c54dbd23a12533e6737686b4b719366fbcfeba8f9a97f9f6c306e06936deb1a58fb80bd01537aaff47978bc6313b2a085774163148dbf","ssdeep":"","tlshash":"d7115358fa8ca511f82bf5c57680c6f50884bb132ac103f9fe1169788dc39e1e791a0c","first_seen":"2026-01-05T00:32:53.139124Z","last_seen":"2026-01-05T00:32:53.139124Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-2d0ced71.b6536c75.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-2d0ced71.b6536c75.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1498\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5272,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5256), with no line terminators","md5":"b14d7aaeb5fa62cd31fb258fa5273cd4","sha1":"a0aace632e2e4f89af13535bb7c23b343e03d7aa","sha256":"627b5b3be9af8957e473247a1fd4396cecbee15b71c0e86cc51dd88290d6b092","sha512":"f0279ddaa7a0f7eb5ff3f808f578d393a5ad263a2a9d6c6d542a3961cea4895ac08db625c7dc109c1f7b3c0c5cf286347dbd43e3c1ecbffc1785fba03251a9a6","ssdeep":"96:njm2Ybe0dGcmteqvpw2hG9xRhLtRSeBZc6tHZ3d424Z53r:njmRavpnhGHnLtA2ZxHZ3d42YB","tlshash":"36b15514b592f57b981bc12359dc673260227be8c25190d7beb48ce45ad1cb07f1deb8","first_seen":"2026-01-05T00:32:53.140488Z","last_seen":"2026-01-05T00:32:53.140488Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-45ba4b62.0b1ccea4.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-45ba4b62.0b1ccea4.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1d36\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7478,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7330), with no line terminators","md5":"3f4c6342eeb89a64d98492a7fb1909c7","sha1":"60165ddc8c3b2580a8c2b861a47bf3dc52820dac","sha256":"786c2599221cae51ca8cd2b3ffd9b08618f7c6ba708c1a00f18eadd7950f2794","sha512":"bdbfcc7d0b5a866e96e64b9f445d48b5512966cd1c29923acc00413026588f585ce85c77e366c0385adc16e82f47932ef43d124e74c7f4781737445a6352907f","ssdeep":"192:cNeedN0QsB2JUWeayJFdUFawzFUpDWO1lCz5CvU5cE:cz+QsGelJFdUFaEcZE5C0","tlshash":"bff12ab0a99691eae173d092929f3935dc221f958178d183fb3c821c53da87c161df6c","first_seen":"2026-01-05T00:32:53.141973Z","last_seen":"2026-01-05T00:32:53.141973Z","times_seen":1,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/Finwallapp/js/popper.min.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /Finwallapp/js/popper.min.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-520c\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21004,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20831)","md5":"56456db9d72a4b380ed3cb63095e6022","sha1":"6dbce88aee15b42f29083df7a07513cf3b486ba0","sha256":"66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2","sha512":"e56bd96b837b26add354d0a9e2b8dc04c95cea94f7959ee05718ed23a224296fae22d49afab160b45963bd99c2c501a3f12517e431eb68a13a327ff8b262b50a","ssdeep":"384:kmQkLrwVOyzirVyKnxRsIB9Db5HjiWn8xHOxvRVgD75zBY5vImg3FzGpL9ARdOgS:vLsgyziJp3Db5OxHOxvYD73Y5vQzyL9p","tlshash":"1992b4cc3294b06643a791a7a0af960fb2339875610e9410f19df2d97c30ef9a13bc79","first_seen":"2023-03-07T01:06:27Z","last_seen":"2026-06-07T20:21:26.697288Z","times_seen":18917,"resource_available":true,"data":null}},"time_used":1031,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1031,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-250cedc0.864a3648.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:27.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-250cedc0.864a3648.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-4b3\"\r\nexpires: Mon, 05 Jan 2026 12:32:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1203,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1123), with no line terminators","md5":"b8e399db87c8d0d43fe0e2ccc7136f77","sha1":"5155444b7369024b0a2dc516305f21df9bbd28c7","sha256":"850cb143b931469301a8ca88094ad1e38870ec723b52a92e56d36a749ec0e8a9","sha512":"b62c77b1153ce79cd612cc0560cbc3ee50d1e150ca76e18083b3e665abbcf4a636ad41239472d5ff9798b80b149d00939bb5fb70c618ea16a0e6cb2935572e57","ssdeep":"","tlshash":"89211068b0c7902da5ba4045561b3635e0212b9c5b2790d2bf38d6a1b7608ae532ff79","first_seen":"2026-01-05T00:32:53.14459Z","last_seen":"2026-01-05T00:32:53.14459Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-4060a842.f9c43aa5.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:28.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-4060a842.f9c43aa5.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-15fd\"\r\nexpires: Mon, 05 Jan 2026 12:32:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5629), with no line terminators","md5":"ded3a62a663bb0f0a8765fb4d549464b","sha1":"51d44de06d1037b3fb965a01750ff7f5b79a6efb","sha256":"2b5d4b759eb6d9506f44cdfae30b4b861d6ce14adb2f0038935933297430f13c","sha512":"1b8fcd023169eb685e0e952887367b2cb701ee78e70d38fe6f7814b8615bcd21bd32e9ad968abb0252ed67efa347feb8bbe53367c6b84708ad5d21a8efcb13fb","ssdeep":"96:JokCZZFrUKiF2yx5rYDT+bPbtM4AXRC3Eo5UezSX3XgqRB4hTdvO:JCFtifrnDouEo5Ueu3gqRB4hB2","tlshash":"24c1b62d90d2783b5d90e194208de919712b3a556683c0ecbff04be55b94ab8252e3fb","first_seen":"2026-01-05T00:32:53.146216Z","last_seen":"2026-01-05T00:32:53.146216Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/img/11245.9993929d.png","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /img/11245.9993929d.png HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-128d\"\r\nexpires: Wed, 04 Feb 2026 00:32:23 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4749,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"9993929d744e792ce634dc427cb17d86","sha1":"df1f2e4343661fc84b968474d43e0947c38bd9a3","sha256":"db823bbd79a9f19809a53dbadf8288cf6aa0d4ab1e46048048df5b2df61fa275","sha512":"abd54626c2221c622357100e6bbfa2328202af43dcd709e417e467f9c3ae8d7d52425a05c4db52c0928cd40516f75bafd0626a8d6a061ba698af4c131b5fab93","ssdeep":"96:zQFWnfRNmqiX8WZbaL11zzOkWQsV0Jk67ddXku9gpVYvyjohx6NP0hHGzkJ:kefKbaLzfliGW6LUow1j8kNP0hHGzQ","tlshash":"3fa16d25cee3a27557e20f533a021bdb85b1e01c54f779e8592cc97e6f4868e0a1289f","first_seen":"2026-01-05T00:32:53.147563Z","last_seen":"2026-01-05T00:32:53.147563Z","times_seen":1,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-250cedc0.5707e3f0.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-250cedc0.5707e3f0.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\ncontent-length: 585\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-249\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":585,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (585), with no line terminators","md5":"7fe0901870be8e5ce225dabdda4d0464","sha1":"a73f95cb7b4b6330d68ab63b01fa86f044fdcf8e","sha256":"52aac662ff0a63e4d2c95366f90a8609ccd536cd451679a3456f9e7312a99172","sha512":"11b53a3cf73ba0732016dca01d98bd4568b517130eae6e3c881d467174121505124f649173a09a41de5f0b41f5e9ac472d2c704cce7d59ddb3e0cb6aeccefe32","ssdeep":"","tlshash":"66f0f61f7c9b7016eaf7d0113ee64cec88106153ac1e63ac7d195d11cadb2d860b92d7","first_seen":"2026-01-05T00:32:53.149148Z","last_seen":"2026-01-05T00:32:53.149148Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-f2df2314.7b9bbf2e.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-f2df2314.7b9bbf2e.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: text/css\r\ncontent-length: 409\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-199\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":409,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (409), with no line terminators","md5":"3bdd9178758e28abf8d3c10e085a985e","sha1":"930bbaba4db67c31d252cd3561373804017be0a2","sha256":"64d9dfca7abc0e07a49b1cfb07479d5d8933033012770efd2031f69b5147f748","sha512":"6e84e7f4f833441583eda5b2ed8f861978170928f9b9ff19672f86caf9b5572c0c3b9584d5d5e03c30e2ab247bdb4e52a8e6680bc4187caeea4ce6778a60d556","ssdeep":"","tlshash":"9ae0ed0e2407a01792fbc4a13de3ac5c4000ad43960e2f38c12ebcd28e9b4d122b91cf","first_seen":"2026-01-05T00:32:53.150698Z","last_seen":"2026-01-05T00:32:53.150698Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-ff1860d8.ff9f93a5.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-ff1860d8.ff9f93a5.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-d58\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3416,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3416), with no line terminators","md5":"a72c44a812138d69da317d0b06cb2f2e","sha1":"0963465484985456cf2347c762f51b9269b2eab6","sha256":"b08ea1ccb4ed9ffcfd29d3125b3962313c3c9fece6e6d3c067d281791048a213","sha512":"2428f0a748b53c6b080ec543c2e197b9ea7e93fe00dd2d2bc63fe779184743b63d72adc1fea90bac6bde608380fac9f3b3673f066e4549252d83d51258803f33","ssdeep":"","tlshash":"5c61bde3e15c207df527e530bd986bc9b086c173e093265884d630b884cd7aa3ba3756","first_seen":"2024-08-20T12:21:33.696572Z","last_seen":"2026-01-05T00:32:53.152445Z","times_seen":4,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-ffcc214e.d452f49c.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:26.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-ffcc214e.d452f49c.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:26 GMT\r\ncontent-type: text/css\r\ncontent-length: 122\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-7a\"\r\nexpires: Mon, 05 Jan 2026 12:32:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":122,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"312c36935009540927b7c9d83a988513","sha1":"e76ce3ed841ec31185a3f5d86032a609a642144b","sha256":"bd79225b45ddae6761d18b33ad7786c0ce9ebefc3484087579db76a5d134a211","sha512":"8ee4a65bcb9140cc1a0b557c2ab1d4e39192013fa9f0e2a8286bf2615e928ff758eb17b7d308916d8d110ed61238952a589a704524703b969ad1e8ffa9af0814","ssdeep":"","tlshash":"c0b09b91514d6119956760f05271085462813746564fd4055f15b331cd92cd176715c8","first_seen":"2026-01-05T00:32:53.153221Z","last_seen":"2026-01-05T00:32:53.153221Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/js/chunk-vendors.ef372108.js","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:21.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /js/chunk-vendors.ef372108.js HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-7d048\"\r\nexpires: Mon, 05 Jan 2026 12:32:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":512072,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (60368)","md5":"ddfdcb2ae93ee4a66ed59e73aeb68077","sha1":"f38f6388e37d143d6790b3b5eb857840abb79a36","sha256":"82a05dc06d8d0372fd546685738e991b596717b32671763435d2a1ee68e0d75e","sha512":"d1bf8f6393d3908691462ae107f14016b9e5bb35efd8d17cf871feb5d4a5d5d00a031423c45e91a691ebdee2d413366309957290dbbc8e02b8d89b4229e4a153","ssdeep":"6144:s5fbuVCK9moBzgX4RUL00zxJyilK8MbIC:gTu7moB+QU9lK1bn","tlshash":"fbb4e78ab2c2b02547a770b4402f110bf2376958b40a84d8fa79f4e56d7ca5da13bf7d","first_seen":"2025-12-13T04:12:16.535188Z","last_seen":"2026-01-05T00:32:53.15479Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1032,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1032,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/api/Common/BackData","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:23.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"POST /api/Common/BackData HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nuser_id: \r\nuser_token: \r\nContent-Length: 13\r\nOrigin: https://sx92.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":13,"data":"{\"lang\":\"en\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:23 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49990,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c2e027ee11886dc5ce2428745b2007b1","sha1":"3cc93c7f5b464728bbf29c13dce0b9b799edf335","sha256":"d31a2c6039f10db6966b5435fa52ffc23152db72106a6d7c3a817cb0a74292d6","sha512":"6433aafcc2aace4a01311c05df5126cac1db3bd812a4a48dcafd9e1f54aa7bde5fa1a6ab959b339ac237d76ccedcb0ea22d24916ff44365ed5bc5fd7cd4f7729","ssdeep":"384:tBtFPp2tqkHwug3a42wMRinrhOIaDaRdc7q/xhE/udFUMzzxpxyTuLRaPkK8yqeT:bTkHwug/BrhOIp6FkykzWkjELIczG1cP","tlshash":"55233206f35a0320a99244d6f75f73f775ae104ca302187968fc9eac128e87e67767c6","first_seen":"2026-01-05T00:32:53.155606Z","last_seen":"2026-01-05T00:32:53.155606Z","times_seen":1,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":299,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-17da66b5.063e99e1.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:24.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-17da66b5.063e99e1.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:24 GMT\r\ncontent-type: text/css\r\ncontent-length: 1023\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-3ff\"\r\nexpires: Mon, 05 Jan 2026 12:32:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1023,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1023), with no line terminators","md5":"be6c5950f64730283ae1fdef6896ce7f","sha1":"14412f44a52f968b01d255301edf78e2c691cb75","sha256":"20544aa35b9d59302c2311902d96e81ebc949d551f1d05b982660ec23ff0a5ae","sha512":"116e82e061803edad5ef65f6f51a6549f97d1d0b96d1ccf57264ecb9d67ba761a4b9dbd513ec846b915db29fccac355d2dc6d7afe3fc82e7c88506f4288ad525","ssdeep":"","tlshash":"be110585b706223afc3bec61d56e52dd5010af87f5169bac6005f13549c7ad11fb21dc","first_seen":"2026-01-05T00:32:53.157306Z","last_seen":"2026-01-05T00:32:53.157306Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-62b52f72.50f16f5f.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-62b52f72.50f16f5f.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 297\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\netag: \"69435d80-129\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":297,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"8cb14966e8f31e34364c133ede39e97e","sha1":"31e5e9a0f8401a624c48f414981bc0c85eb8ca6f","sha256":"35e00729e62566b0a24802bd6099211c8fde3bc4078ffafed44f5010e3c9342e","sha512":"b1fbc96191570a14cbdb2fd10f6c9e9a2387e75c0120dc20d13646573d602995caab75b1e31ae308a6adf6bc0a6ea4131bdb332e8d30acc5ae38447e4a30f495","ssdeep":"","tlshash":"afe07d64dda0e116f8bfd004b3a384cc33325c633d4107e6e500d82084c79e220240ea","first_seen":"2026-01-05T00:32:53.158759Z","last_seen":"2026-01-05T00:32:53.158759Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-78f261c5.2db85648.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-78f261c5.2db85648.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1788\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6024,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6024), with no line terminators","md5":"962318898acfa0ec9e4eff5e7cdec44f","sha1":"60f045d2aaf94c9aea68d213dced0fc535de043a","sha256":"d031f776a800fa7d5325f430b277b26939eadb77b6a342fcf985df321fcdbf9d","sha512":"53e8b6d28a9722002fe00011021af1e00934bc59e4c05c3dcf479f6a1bd91469c8e6afa63c2a3f998911f435d5a5da5e38a2301dd15e26a5d9f0b78dae4c3f83","ssdeep":"96:avatJ3qbRGrYrD0dVRAmTAbvDYPlP5khn+FQjn6Gqm2ANTXqcqpYjDBxMD22bDD4:avatJ3qNG0CV6pY9P5kh+FQjem2yeBpq","tlshash":"58c1dd19bccc1e20bd2bd190b18596e521947f63d7030329da11e8b9cee35e2a753e7c","first_seen":"2026-01-05T00:32:53.160324Z","last_seen":"2026-01-05T00:32:53.160324Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sx92.com/css/chunk-7f9e73ad.222efa23.css","fqdn":"sx92.com","domain":"sx92.com","tld":"com"},"ip":{"addr":"47.84.197.138","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://sx92.com/#/","date":"2026-01-05T00:32:25.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sx92.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 06:58:07 GMT","end":"Thu, 12 Mar 2026 06:58:06 GMT"},"fingerprint":{"sha1":"16:AC:85:2F:09:CD:B0:C9:09:F8:A3:F7:67:08:6E:90:FB:C0:57:BE","sha256":"7F:96:82:A5:55:29:8B:22:98:69:44:6E:ED:84:4A:0D:B4:03:55:4D:06:A4:FB:6E:CE:D9:EA:1F:26:B2:59:9A"}}},"request":{"raw":"GET /css/chunk-7f9e73ad.222efa23.css HTTP/1.1\r\nHost: sx92.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sx92.com/\r\nCookie: stylesheet2=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 00:32:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 18 Dec 2025 01:48:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69435d80-1ab1\"\r\nexpires: Mon, 05 Jan 2026 12:32:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6833,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6833), with no line terminators","md5":"fb5e592fb3e146bf724be9ce9baf5713","sha1":"aa37c727c13ad48d9a4625d070ee6e3d61bed3c4","sha256":"63279e5c2fbf816074b8fb8e8205cf4216d4f6eede2950743b24a1db58d75de4","sha512":"f804a2632d45a487fb5f9fdd110c6c788dee2191863408c5f95cb54108077ab426f27028ba02fda6f17b4cfbb010311580fa8f4e6d86c84f7b9bb0af3dbeda61","ssdeep":"96:DnFusIMSEkRPDvVhG23KIENcK1pe7bw66rc3Kk7TMPx0N7N1VNII6uc:DnFusIxZDev1pAbw6F6k7ASZNrNnc","tlshash":"aee1a625be5c7458b63bd252b51a59de3000e347a6d327fee8c07537cc879b2316b588","first_seen":"2026-01-05T00:32:53.162474Z","last_seen":"2026-01-05T00:32:53.162474Z","times_seen":1,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"sx92.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}