{"report_id":"7fa67c39-8343-4c03-b0ec-38b5f93db233","version":6,"status":"done","tags":[],"date":"2025-10-31T15:22:34Z","url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"title":"Iniciar sesiĆ³n","dom":{"size":8947,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4230)","md5":"f395b0c706500d92ce9f815c99eef879","sha1":"699cb739282f91a9e7fe671d49f5c1bc18f4377b","sha256":"c8df697680b9120cc086798bf02d90488206ff8d49b9966a921e59fa3ff3630a","sha512":"1759589b3cf594e52d070a74df7f17e24f3ab40cff07d0a278234227e8c168e039c525d1f32718b469fe2ab3c29a79fd08dabf34a33123a1ebca7f5fa0901e4f","ssdeep":"192:Ec190N0Oydd2Q5YbDJcbY2MVF1UCfw+hFOmCb1S3B:lad2L5Yb+kyCbFOy","tlshash":"e302a624ed91962712332cac75bab319b46bc10fda0bdd057aec27d44fe8d988571b44","dom_hash":"domhash1f3ac82db23041fcef0066a8c56b4bd1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":"PGh0bWwgY2xhc3M9ImRlZXBwdXJwbGUtdGhlbWUiIGxhbmc9ImVuIj48aGVhZD48bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1VVEYtOCI+PG1ldGEgbmFtZT0idmlld3BvcnQiIGNvbnRlbnQ9IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLCBzaHJpbmstdG8tZml0PW5vLCB2aWV3cG9ydC1maXQ9Y292ZXIsIHVzZXItc2NhbGFibGU9bm8iPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjx0aXRsZT5JbmljaWFyIHNlc2nDs248L3RpdGxlPjwhLS0gTWF0ZXJpYWwgZGVzaWduIGljb25zIENTUyAtLT48bGluayBocmVmPSJodHRwczovL2ZvbnRzLmdvb2dsZWFwaXMuY29tL2ljb24/ZmFtaWx5PU1hdGVyaWFsK0ljb25zIiByZWw9InN0eWxlc2hlZXQiPjwhLS0gUm9ib3RvIGZvbnRzIENTUyAtLT48bGluayBocmVmPSJodHRwczovL2ZvbnRzLmdvb2dsZWFwaXMuY29tL2Nzcz9mYW1pbHk9Um9ib3RvOjMwMCw0MDAsNTAwLDcwMCZhbXA7ZGlzcGxheT1zd2FwIiByZWw9InN0eWxlc2hlZXQiPjwhLS0gQm9vdHN0cmFwIGNvcmUgQ1NTIC0tPjxsaW5rIGhyZWY9Ii9yZWQvYm9vdHN0cmFwL2Nzcy9ib290c3RyYXAubWluLmNzcyIgcmVsPSJzdHlsZXNoZWV0Ij48IS0tIFN3aXBlciBDU1MgLS0+PGxpbmsgaHJlZj0iL3JlZC9zd2lwZXIvc3dpcGVyLWJ1bmRsZS5taW4uY3NzIiByZWw9InN0eWxlc2hlZXQiPjwhLS0gQ3VzdG9tIHN0eWxlcyBmb3IgdGhpcyB0ZW1wbGF0ZSAtLT48bGluayBocmVmPSIvcmVkL3N0eWxlLmNzcz92PVYxLjI0IiByZWw9InN0eWxlc2hlZXQiPjxsaW5rIHJlbD0ic3R5bGVzaGVldCIgaHJlZj0iL3N0YXRpY19uZXcvY3NzL3B1YmxpYy5jc3M/dj1WMS4yNCI+PGxpbmsgaHJlZj0iL3B1YmxpYy9qcy9sYXllcl9tb2JpbGUvbmVlZC9sYXllci5jc3M/Mi4wIiB0eXBlPSJ0ZXh0L2NzcyIgcmVsPSJzdHlsZVNoZWV0IiBpZD0ibGF5ZXJtY3NzIj48c2NyaXB0IHNyYz0iL3JlZC9qcXVlcnktMy4zLjEubWluLmpzIj48L3NjcmlwdD48bGluayByZWw9InN0eWxlc2hlZXQiIGhyZWY9Ii9zdGF0aWNzL2ludGwtdGVsLWlucHV0LW1hc3Rlci9jc3MvaW50bFRlbElucHV0LmNzcyI+PGxpbmsgcmVsPSJzdHlsZXNoZWV0IiBocmVmPSIvc3RhdGljcy9pbnRsLXRlbC1pbnB1dC1tYXN0ZXIvY3NzL2RlbW8uY3NzIj48bGluayBocmVmPSJodHRwOi8vc3NzZGQuMmJrZzdldXNvYS50b3AvcHVibGljL2pzL2xheWVyX21vYmlsZS9uZWVkL2xheWVyLmNzcz8yLjAiIHR5cGU9InRleHQvY3NzIiByZWw9InN0eWxlU2hlZXQiIGlkPSJsYXllcm1jc3MiPjwvaGVhZD48Ym9keSBjbGFzcz0iIj48ZGl2IGNsYXNzPSJ3cmFwcGVyIHBhc3Nwb3J0Ij48IS0tIGhlYWRlciAtLT48ZGl2IGNsYXNzPSJoZWFkZXIiPjxkaXYgY2xhc3M9InJvdyBuby1ndXR0ZXJzIj48ZGl2IGNsYXNzPSJjb2wtMiI+PC9kaXY+PGRpdiBjbGFzcz0iY29sLTggdGV4dC1jZW50ZXIiPjxzcGFuIGNsYXNzPSJidG4iIHN0eWxlPSJ3aWR0aDogMTAwJTtkaXNwbGF5OiBub25lIj5JbmljaWFyIHNlc2nDs248L3NwYW4+PC9kaXY+PGRpdiBjbGFzcz0iY29sLTIgdGV4dC1yaWdodCI+PGEgaHJlZj0iL2luZGV4L3VzZXIvbGFuZyIgY2xhc3M9ImJ0biBidG4tbGluayB0ZXh0LWRhcmsiPjxpIGNsYXNzPSJtYXRlcmlhbC1pY29ucyIgc3R5bGU9ImRpc3BsYXk6IGlubGluZS1ibG9jayI+bGFuZ3VhZ2U8L2k+PC9hPjwvZGl2PjwvZGl2PjwvZGl2PjwhLS0gaGVhZGVyIGVuZHMgLS0+PGRpdiBjbGFzcz0iY29udGFpbmVyIHRpdGxlIj48ZGl2IGNsYXNzPSJyb3ciIHN0eWxlPSJkaXNwbGF5OiBub25lIj48ZGl2IGNsYXNzPSJjb2wgbXQtNCBtYi0yIj48aDQ+SW5pY2lhciBzZXNpw7NuPC9oND48L2Rpdj48L2Rpdj48L2Rpdj48ZGl2IGNsYXNzPSJjb250YWluZXIiPjxkaXYgY2xhc3M9ImJnLWRlZmF1bHQiPjxkaXYgY2xhc3M9InJvdyBuby1ndXR0ZXJzIGxvZ2luLXJvdyI+PGRpdiBjbGFzcz0iY29sIGFsaWduLXNlbGYtY2VudGVyIHB4LTMgdGV4dC1jZW50ZXIgbXQtNCI+PGltZyBzcmM9Ii9sb2dvLmpwZyIgc3R5bGU9IndpZHRoOjEwMHB4O2hlaWdodDoxMDBweDtib3JkZXItcmFkaXVzOiAxMHB4Ij48cCBzdHlsZT0ibWFyZ2luLXRvcDogMTBweDsgZm9udC1zaXplOiAxNHB4Ij48Yj5NYXJrZXRpbmcgZGUgd2FsbWFydDwvYj48L3A+PHAgc3R5bGU9Im1hcmdpbi10b3A6IDVweDsgZm9udC1zdHlsZTogaXRhbGljIj5Mb3MgdmVyZGFkZXJvcyBwZXJkZWRvcmVzIHNvbiBhcXVlbGxvcyBxdWUgdGVtZW4gZmFsbGFyIG8gaW5jbHVzbyBubyBzZSBhdHJldmVuIGEgaW50ZW50YXJsby48L3A+PGZvcm0gY2xhc3M9ImZvcm0tc2lnbmluIG10LTMgIj48ZGl2IGNsYXNzPSJmb3JtLWdyb3VwIGlucHV0LWdyb3VwIj48ZGl2IGNsYXNzPSJpbnB1dC1ncm91cC1wcmVwZW5kIj48YnV0dG9uIGNsYXNzPSJidG4gZHJvcGRvd24tdG9nZ2xlIGFkZHJlc3MiIHR5cGU9ImJ1dHRvbiIgZGF0YS10b2dnbGU9ImRyb3Bkb3duIiBhcmlhLWhhc3BvcHVwPSJ0cnVlIiBhcmlhLWV4cGFuZGVkPSJmYWxzZSI+KzUyPC9idXR0b24+PGRpdiBjbGFzcz0iZHJvcGRvd24tbWVudSI+PGEgY2xhc3M9ImRyb3Bkb3duLWl0ZW0iIGhyZWY9IiMiPis1MjwvYT48L2Rpdj48L2Rpdj48aW5wdXQgdHlwZT0idGV4dCIgbmFtZT0idGVsIiBjbGFzcz0iZm9ybS1jb250cm9sIGZvcm0tY29udHJvbC1sZyB0ZXh0LWNlbnRlciIgcGxhY2Vob2xkZXI9InBvciBmYXZvciwgaW50cm9kdXpjYSBzdSBuw7ptZXJvIGRlIHRlbMOpZm9ubyIgdmFsdWU9IiIgcmVxdWlyZWQ9IiIgYXV0b2ZvY3VzPSIiPjwvZGl2PjxkaXYgY2xhc3M9ImZvcm0tZ3JvdXAiPjxpbnB1dCB0eXBlPSJwYXNzd29yZCIgaWQ9ImlucHV0UGFzc3dvcmQiIG5hbWU9InB3ZCIgY2xhc3M9ImZvcm0tY29udHJvbCBmb3JtLWNvbnRyb2wtbGcgdGV4dC1jZW50ZXIiIHBsYWNlaG9sZGVyPSJJbmdyZXNlIHN1IGNvbnRyYXNlw7FhIiB2YWx1ZT0iIiByZXF1aXJlZD0iIj48L2Rpdj48IS0tPGRpdiBjbGFzcz0iZm9ybS1ncm91cCBteS00IHRleHQtbGVmdCI+PGRpdiBjbGFzcz0iY3VzdG9tLWNvbnRyb2wgY3VzdG9tLWNoZWNrYm94Ij48aW5wdXQgdHlwZT0iY2hlY2tib3giIGNsYXNzPSJjdXN0b20tY29udHJvbC1pbnB1dCIgaWQ9InJlbWVtYmVybWUiPjxsYWJlbCBjbGFzcz0iY3VzdG9tLWNvbnRyb2wtbGFiZWwiIGZvcj0icmVtZW1iZXJtZSI+UmVtZW1iZXIgTWU8L2xhYmVsPjwvZGl2PjwvZGl2Pi0tPjwvZm9ybT48L2Rpdj48L2Rpdj48ZGl2IGNsYXNzPSJyb3cgbXgtMCBtdC00Ij48ZGl2IGNsYXNzPSJjb2wiPjxidXR0b24gY2xhc3M9ImJ0biBidG4tZGVmYXVsdCBidG4tbGcgYnRuLXJvdW5kZWQgc2hhZG93IGJ0bi1ibG9jayBsb2dpbiI+SW5pY2lhciBzZXNpw7NuPC9idXR0b24+PGRpdiBjbGFzcz0ibXQtNCByb3cganVzdGlmeS1jb250ZW50LWNlbnRlciI+PGEgaHJlZj0iL2luZGV4L3VzZXIvcmVnaXN0ZXIiIGNsYXNzPSJjb2wtNiBkLWJsb2NrIHRleHQtY2VudGVyIj5SZWdpc3RyYXJzZTwvYT48IS0tPGEgaHJlZj0iL2luZGV4L3VzZXIvZm9yZ2V0IiBjbGFzcz0iY29sLTYgZC1ibG9jayB0ZXh0LXJpZ2h0Ij5SZXN0YWJsZWNlciBjb250cmFzZSZudGlsZGU7YTwvYT4tLT48L2Rpdj48L2Rpdj48L2Rpdj48L2Rpdj48L2Rpdj48L2Rpdj48ZGl2IGNsYXNzPSJub3RpZmljYXRpb24gc2hhZG93IHB0LTAgcGwtMCBwci0wIGJvcmRlci0wIGJnLXRlbXBsYXRlLWxpZ2h0Ij48ZGl2IGlkPSJub3RpZmljYXRpb25fY291bnRkb3duIj48L2Rpdj48ZGl2IGNsYXNzPSJyb3cgcHQtMiBwbC0zIHByLTMiPjxkaXYgY2xhc3M9ImNvbC1hdXRvIGFsaWduLXNlbGYtY2VudGVyIHByLTAiPjxpIGNsYXNzPSJtYXRlcmlhbC1pY29ucyB0ZXh0LXRlbXBsYXRlIG1kLTM2Ij5yZWRlZW08L2k+PC9kaXY+PGRpdiBjbGFzcz0iY29sIHNtYWxsIG5vdGlmaWNhdGlvbi1jb250ZW50Ij5sb2FkaW5nLi4uPC9kaXY+PGRpdiBjbGFzcz0iY29sLWF1dG8gYWxpZ24tc2VsZi1jZW50ZXIgcGwtMCI+PGJ1dHRvbiBjbGFzcz0iYnRuIGJ0bi1saW5rIGNsb3Nlbm90aWZpY2F0aW9uIj48aSBjbGFzcz0ibWF0ZXJpYWwtaWNvbnMgdGV4dC10ZW1wbGF0ZSBtZC0xOCAiPmNsb3NlPC9pPjwvYnV0dG9uPjwvZGl2PjwvZGl2PjwvZGl2PjxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij52YXIgYXBwID0gewogICAgJ29ubGluZV9wb3B1cCc6ICIiLAp9PC9zY3JpcHQ+PCEtLSBqcXVlcnksIHBvcHBlciBhbmQgYm9vdHN0cmFwIGpzIC0tPjxzY3JpcHQgc3JjPSIvcmVkL3BvcHBlci5taW4uanMiPjwvc2NyaXB0PjxzY3JpcHQgc3JjPSIvcmVkL2Jvb3RzdHJhcC9qcy9ib290c3RyYXAubWluLmpzIj48L3NjcmlwdD48IS0tIHN3aXBlciBqcyAtLT48c2NyaXB0IHNyYz0iL3JlZC9zd2lwZXIvc3dpcGVyLWJ1bmRsZS5taW4uanMiPjwvc2NyaXB0PjwhLS0gY29va2llIGpzIC0tPjxzY3JpcHQgc3JjPSIvcmVkL2pxdWVyeS5jb29raWUuanMiPjwvc2NyaXB0PjxzY3JpcHQgY2hhcnNldD0idXRmLTgiIHNyYz0iL3N0YXRpY19uZXcvanMvZGlhbG9nLm1pbi5qcyI+PC9zY3JpcHQ+PGxpbmsgcmVsPSJzdHlsZXNoZWV0IiBocmVmPSIvcHVibGljL2pzL2xheWVyX21vYmlsZS9uZWVkL2xheWVyLmNzcyI+PHNjcmlwdCBzcmM9Ii9wdWJsaWMvanMvbGF5ZXJfbW9iaWxlL2xheWVyLmpzIj48L3NjcmlwdD48c2NyaXB0IGNoYXJzZXQ9InV0Zi04IiBzcmM9Ii9zdGF0aWNfbmV3L2pzL2pxdWVyeS5wcm9ncmVzc0JhclRpbWVyLmpzIj48L3NjcmlwdD48c2NyaXB0IGNoYXJzZXQ9InV0Zi04IiBzcmM9Ii9zdGF0aWNfbmV3L2pzL2NvbW1vbi5qcyI+PC9zY3JpcHQ+PCEtLSB0ZW1wbGF0ZSBjdXN0b20ganMgLS0+PHNjcmlwdCBzcmM9Ii9yZWQvbWFpbi5qcz92PVYxLjI0Ij48L3NjcmlwdD48c2NyaXB0IHR5cGU9ImFwcGxpY2F0aW9uL2phdmFzY3JpcHQiPnNlc3Npb25TdG9yYWdlLnNldEl0ZW0oJ2xvZ2luX2ZsYWcnLCAnMScpOwokKGZ1bmN0aW9uKCkgewogICAgLyrmo4Dmn6XooajljZUqLwogICAgZnVuY3Rpb24gY2hlY2soKSB7CiAgICAgICAgaWYgKCQoImlucHV0W25hbWU9dGVsXSIpLnZhbCgpID09ICcnIHx8ICQoImlucHV0W25hbWU9cHdkXSIpLnZhbCgpID09ICcnKSB7CiAgICAgICAgICAgICQoZG9jdW1lbnQpLmRpYWxvZyh7CiAgICAgICAgICAgICAgICBpbmZvVGV4dDogJ1BsZWFzZSBlbnRlciBhY2NvdW50IC8gcGFzc3dvcmQnCiAgICAgICAgICAgIH0pOwogICAgICAgICAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgfQogICAgICAgIHJldHVybiB0cnVlOwogICAgfQoKICAgIC8q55uR5ZCs6LSm5Y+3aW5wdXQqLwogICAgJCgiaW5wdXRbbmFtZT10ZWxdIikuYmluZCgiaW5wdXQgcHJvcGVydHljaGFuZ2UiLAogICAgICAgIGZ1bmN0aW9uKCkgewogICAgICAgICAgICBpZiAoJCh0aGlzKS52YWwoKSAhPT0gJycpIHsKICAgICAgICAgICAgICAgICQoJy5pY29uLWRlbGV0ZScpLnNob3coKTsKICAgICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgICAgICQoJy5pY29uLWRlbGV0ZScpLmhpZGUoKTsKICAgICAgICAgICAgfQogICAgICAgIH0pOwoKICAgIC8q54K55Ye75Yig6ZmkaWNvbiovCiAgICAkKCIuaWNvbi1kZWxldGUiKS5vbignY2xpY2snLAogICAgICAgIGZ1bmN0aW9uKCkgewogICAgICAgICAgICAkKCJpbnB1dFtuYW1lPXRlbF0iKS52YWwoJycpOwogICAgICAgICAgICAkKCcuaWNvbi1kZWxldGUnKS5oaWRlKCk7CiAgICAgICAgfSkKCiAgICAvKuaYvuekum9y6ZqQ6JeP5a+G56CBKi8KICAgICQoIi5pY29uLWV5ZSIpLm9uKCdjbGljaycsCiAgICAgICAgZnVuY3Rpb24oKSB7CiAgICAgICAgICAgIHZhciB0eXBlID0gJCgiaW5wdXRbbmFtZT1wd2RdIikuYXR0cigidHlwZSIpOwogICAgICAgICAgICBpZiAodHlwZSA9PSAncHdkJykgewogICAgICAgICAgICAgICAgJCgiaW5wdXRbbmFtZT1wd2RdIikuYXR0cigndHlwZScsICd0ZXh0Jyk7CiAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgIH0KICAgICAgICAgICAgJCgiaW5wdXRbbmFtZT1wd2RdIikuYXR0cigndHlwZScsICdwd2QnKTsKICAgICAgICB9KTsKCiAgICAvKueCueWHu+eZu+W9lSovCiAgICAkKCIubG9naW4iKS5vbignY2xpY2snLAogICAgICAgIGZ1bmN0aW9uKCkgewogICAgICAgICAgICBpZiAoY2hlY2soKSkgewogICAgICAgICAgICAgICAgdmFyIGhvc3QgPSB3aW5kb3cubG9jYXRpb24uaG9zdDsKICAgICAgICAgICAgICAgIGlmIChob3N0LnN0YXJ0c1dpdGgoJ2xvY2FsaG9zdCcpKSB7CiAgICAgICAgICAgICAgICAgICAgZm9ybV9zdWJtaXQoJycpOwogICAgICAgICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgICAgICAgICAvKiAgICAgICAgICAgICAgICAgICAgZ3JlY2FwdGNoYS5yZWFkeShmdW5jdGlvbigpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBncmVjYXB0Y2hhLmV4ZWN1dGUoJzZMZEM5OUVaQUFBQUFCZnpJNDFRNDhaU2QyUGUyYUhBX3ZKNjFnbzQnLCB7YWN0aW9uOiAnc3VibWl0J30pLnRoZW4oZnVuY3Rpb24odG9rZW4pIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLy8gQWRkIHlvdXIgbG9naWMgdG8gc3VibWl0IHRvIHlvdXIgYmFja2VuZCBzZXJ2ZXIgaGVyZS4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9ybV9zdWJtaXQodG9rZW4pOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgfSk7Ki8KICAgICAgICAgICAgICAgICAgICBmb3JtX3N1Ym1pdCgnJyk7CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgIH0KICAgICAgICB9KTsKCiAgICBmdW5jdGlvbiBmb3JtX3N1Ym1pdChyZUNBUFRDSEEpIHsKICAgICAgICB2YXIgbG9hZGluZyA9IG51bGw7CiAgICAgICAgdmFyIHRlbCA9ICQoImlucHV0W25hbWU9dGVsXSIpLnZhbCgpOwogICAgICAgIHZhciBwd2QgPSAkKCJpbnB1dFtuYW1lPXB3ZF0iKS52YWwoKTsKICAgICAgICB2YXIgaml6aHUgPSAkKCJpbnB1dFtuYW1lPWppemh1XSIpLnZhbCgpOwogICAgICAgIHZhciBfY3NyZl8gPSAiY3NyZjY5MDRkNDI3MWNhNTMiOwogICAgICAgICQuYWpheCh7CiAgICAgICAgICAgIHVybDogIi9pbmRleC91c2VyL2RvX2xvZ2luLmh0bWwiLAogICAgICAgICAgICBkYXRhOiB7CiAgICAgICAgICAgICAgICB0ZWw6IHRlbCwKICAgICAgICAgICAgICAgIHB3ZDogcHdkLAogICAgICAgICAgICAgICAgaml6aHU6IGppemh1LAogICAgICAgICAgICAgICAgJ19jc3JmXyc6IF9jc3JmXywKICAgICAgICAgICAgICAgICdyZUNBUFRDSEEnOiByZUNBUFRDSEEKICAgICAgICAgICAgfSwKICAgICAgICAgICAgdHlwZTogJ1BPU1QnLAogICAgICAgICAgICBiZWZvcmVTZW5kOiBmdW5jdGlvbihyZXF1ZXN0KSB7CiAgICAgICAgICAgICAgICByZXF1ZXN0LnNldFJlcXVlc3RIZWFkZXIoJ1VzZXItVG9rZW4tQ3NyZicsIF9jc3JmXyk7CiAgICAgICAgICAgICAgICBsb2FkaW5nID0gJChkb2N1bWVudCkuZGlhbG9nKHsKICAgICAgICAgICAgICAgICAgICB0eXBlOiAnbm90aWNlJywKICAgICAgICAgICAgICAgICAgICBpbmZvSWNvbjogJy9zdGF0aWNfbmV3L2ltZy9sb2FkaW5nLmdpZicsCiAgICAgICAgICAgICAgICAgICAgaW5mb1RleHQ6ICdsb2FkaW5nLi4uJywKICAgICAgICAgICAgICAgICAgICBhdXRvQ2xvc2U6IDAKICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICB9LAogICAgICAgICAgICBzdWNjZXNzOiBmdW5jdGlvbihkYXRhKSB7CiAgICAgICAgICAgICAgICBsb2FkaW5nLmNsb3NlKCk7CiAgICAgICAgICAgICAgICBpZiAoZGF0YS5jb2RlID09IDApIHsKICAgICAgICAgICAgICAgICAgICAkKGRvY3VtZW50KS5kaWFsb2coewogICAgICAgICAgICAgICAgICAgICAgICBpbmZvVGV4dDogZGF0YS5pbmZvCiAgICAgICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICAgICAgc2V0VGltZW91dChmdW5jdGlvbigpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIGxvY2F0aW9uLmhyZWYgPSAiL2luZGV4L2luZGV4L2hvbWUuaHRtbCIKICAgICAgICAgICAgICAgICAgICAgICAgfSwKICAgICAgICAgICAgICAgICAgICAgICAgMjAwMCk7CiAgICAgICAgICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgICAgIGxvYWRpbmcuY2xvc2UoKTsKICAgICAgICAgICAgICAgICAgICBpZiAoZGF0YS5pbmZvKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICQoZG9jdW1lbnQpLmRpYWxvZyh7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmZvVGV4dDogZGF0YS5pbmZvCiAgICAgICAgICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgICAgIH0gZWxzZSB7CiAgICAgICAgICAgICAgICAgICAgICAgICQoZG9jdW1lbnQpLmRpYWxvZyh7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmZvVGV4dDogIk5ldHdvcmsgdW5zdGFibGUsIHBsZWFzZSB0cnkgYWdhaW4gYXQgYSBwbGFjZSB3aXRoIGJldHRlciBzaWduYWwhIiwKICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF1dG9DbG9zZTogMjAwMAogICAgICAgICAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgIH0sCiAgICAgICAgICAgIGVycm9yOiBmdW5jdGlvbihkYXRhKSB7CiAgICAgICAgICAgICAgICBsb2FkaW5nLmNsb3NlKCk7CiAgICAgICAgICAgIH0KICAgICAgICB9KTsKICAgIH0KfSk8L3NjcmlwdD48IS0tdGotLT48L2JvZHk+PC9odG1sPg=="}},"submit":{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-05T15:22:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"sssdd.2bkg7eusoa.top","ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-26","domain_rank":0,"first_seen":"2025-10-31T15:22:39.372774Z","last_seen":"2025-10-31T15:22:39.372774Z","alert_count":31,"request_count":28,"received_data":967120,"sent_data":20101,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]}]},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-10-26T22:14:44.535628Z","alert_count":0,"request_count":5,"received_data":512428,"sent_data":3812,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-26T22:12:37.824968Z","alert_count":0,"request_count":2,"received_data":24277,"sent_data":926,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-26T22:12:38.002151Z","alert_count":0,"request_count":3,"received_data":211114,"sent_data":1660,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f19864fdd9979cd1528cf39ec71b0d68","sha1":"e4a4aff5aacdb1cca35e1fdf59a71374f6973279","sha256":"96444840ea9a1aba660387d9f7c79259999b9bb821658101d8d479ffd5cf584d","sha512":"34c8c08ff4b80a8b22f9511f15a37aa446f300fc2162950c4a02b041e833261953336442ea254cb9b1f1a32f92dede2a2751ee3a7ba7a3ea0cdb78f0e6d9e176","ssdeep":"3:N/BKL1XTn:eL1jn","tlshash":"e85504c0754170704510cc00d5fc545750174d0014175405705d0cf417700004010f44","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.686252Z","last_seen":"2025-10-31T15:22:47.686252Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6934d9d33cd2d0c005994e7d96d2e0d9","sha1":"96d89030c1473585f16ec7a52050b410e44dd332","sha256":"08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952","sha512":"64ff1127cfca45f7ab820ffa481a3af55570ab2d7b1b7e9d3c0309bd3b6783f6b8d10c8eb2224bc517613f82372722a443dc221398cd2e5b24594ebef1bf4359","ssdeep":"","tlshash":"cd1100000000000000000000000000000000000000000000300c000003000000000000","size":1000,"data":"","first_seen":"2025-03-02T18:12:34.22932Z","last_seen":"2026-05-03T16:37:12.722938Z","times_seen":130516,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"eb4e814da2b213f2fc01373ce4ddb0bd","sha1":"33192862299e2b98b6928d673f33214b02e1931f","sha256":"d74ab506b6e6385c85f13e52f4c4f0024256524f449481b736d9cb9c736bd250","sha512":"d747bb6524444f040e49cc0d513b834368bcc74eec053dfbaa03ec781dc7f6223dbfbfd393d88c16ef15282457913b6537cdd658ace19cc4953ac2f3ec31de28","ssdeep":"3:N/BKL1XmRT:eL121","tlshash":"f75504c07f4170700511cc10d1541c17d1074d0414175405705d05f417350004014d40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.68848Z","last_seen":"2025-10-31T15:22:47.68848Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"765a8290b4377c1e56b43c4f87730f3b","sha1":"48a1a16f2dd4716486bfdae6e040cc30fc3bcad9","sha256":"d6f1fb72043c39c7fca5ffe9775bd7d860ffdeaeae6aeea19766e4c75831435c","sha512":"44e6c777c8d4e37a46d20540f098e007870a43248201bb9871f9f265ee678b9d5699547346ffd0d5599597d85b81985993b9fd84e65e7a0c878f3fdcc7c85c9d","ssdeep":"3:N/BKL1XuWW:eL1+WW","tlshash":"005504c07d4170700511cc00d1543417f0074d401417d545705d04f41f300001010f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.689611Z","last_seen":"2025-10-31T15:22:47.689611Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"da53eb00dc42cb9975df636d5c1973ad","sha1":"bb6eb052852394e72f8c7586f968b9cf30a5a05d","sha256":"57f205f2a2d30d0d7424fbe03d71ffb634e4847a82a5ee1a8efc5a7e1bb30288","sha512":"66658441f991481b2b88065513a57232fa04ffd420def2c69e6d59c880715264ec7c8b9e3551e0076524c70822df819845fbe07580fe4dd463cdfeeae3463303","ssdeep":"3:N/BKL1XOC:eL1eC","tlshash":"325504c075c174f01410cc00d3541417d0074d0010175c05705d0cf457304000010d44","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.690793Z","last_seen":"2025-10-31T15:22:47.690793Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"58c9d718a02819a4d7c71bf41f801634","sha1":"ccff7f9e72456aea0d103a3e1be0c2fe0a70c1ee","sha256":"7598cef03d4d5655c2979107fa13d0b6a27f21ca9ec3bd95879f06ae10b4c1b8","sha512":"5735eabb55af693159f379f8f100974298aec7ce3999c2e18d3d8bcea2f1a34f5ea2503d309bea47cce46dbc5aedf678b8d85062d4f298cc5901dfd5da99b212","ssdeep":"3:N/BKL1Xs:eL18","tlshash":"315504c0754570700410cc00d1551417d0074d0010175405705d04f417314014010d40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.692061Z","last_seen":"2025-10-31T15:22:47.692061Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/static_new/js/jquery.progressBarTimer.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a401b07e6aa47e4f56ff8e7d2348630","sha1":"326693fc17ae939593fae2b19ed7a8d7b37c5c82","sha256":"9483950e2ce19786e44c4fd03b523e94537bf19da885693a9eb0756ab8c183ef","sha512":"0f279c0c4463125a8c46766a6d02256eb55301ca8a3ea235e3723d8b7391e792bca1da9c027f773db7021b54a3d51aec5b9a78afd6dfeb81884cf5ce5404aeb6","ssdeep":"","tlshash":"b2410c05f3a31a8d00ea66706027124e6213000b0566b12c7b7ee5dbed7af6c307abfd","size":1924,"data":"","first_seen":"2023-03-07T14:05:37Z","last_seen":"2026-04-23T16:06:14.599278Z","times_seen":1472,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/main.js?v=V1.24","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5459bfb3c913c348bc765e0046c99cdd","sha1":"7d40e6df5997f7df0baaceb857546018dcd80520","sha256":"ac222d136784de2fe2d4615e2ad86651b3310bbc7538a851d708d381b8443dc5","sha512":"11125f21d71c289d0155025ba1eebd1cbc65dd348edc9f3e483413f13a0db32a2d38068d3de792077c3b01bbd0eb703616a2cd7bedb54caeb1e86b44d0152e63","ssdeep":"192:IQ3p3BwRH5w0rpCBmWO/6+cbmLGSr+gCpeMQlE/Dq:IQZxkHIhSKrlm","tlshash":"7b12341874f2502241bf383fbabf93887536424b654eee117cad56d49f2077c6272ae8","size":9883,"data":"","first_seen":"2023-03-07T14:05:37Z","last_seen":"2026-04-13T03:57:51.201786Z","times_seen":1133,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=99742549f86a568e","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"59e1d7c97f97fe9ac906623623b0392f","sha1":"e169e7cefb87837e09d6964cc3fba460d6062aad","sha256":"1fdec67320e4229d5549b644e5e40f99c7bd56d8aa3a5aa0f4dbbd0988095130","sha512":"cf70e4f78688919ab78fec45a0117834f7e99da68af31187108a7e473fa24470f40ba2713ca151c663ff404b1892eba32198879ed0d58b9d0e8ec35ad36163f5","ssdeep":"3072:Ho/pu7qWieHG9BPHfjvFCJ/pyzUPtgienS+Pz:I/c7Oj9WwzUFgirs","tlshash":"37b3198e78dfb5660b2268b8502739cb66af7c443018496df215e8e478d53047eb7ef8","size":117849,"data":"","first_seen":"2025-10-31T15:22:47.658373Z","last_seen":"2025-10-31T15:22:47.658373Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"491bea07c7d233ea12a4e7174b7d1098","sha1":"4f24c05be54ecc25ca779db2b37375bfcfd848fa","sha256":"458d0368f37dd55f5b035eac57a3a33ecda41f5df64e30cb7bb0b0723a445cfa","sha512":"7edad9dad66ce8d19f5a8c71add6d7978f76437b88d6b63abc5b3d20d5d78f9c60a0f3ad63a56a34a8edae5fd345ec1074bc59d644357f010ba20726d3f059bd","ssdeep":"1536:dbo1aMjlhaK6zrN2ftejHAsp22ITD9ecEHa7A4uU2gpKPoo/5CIpSW+keiLY1DNa:dc1awTaKPAYTpepHaehlzNCN3N5efb","tlshash":"34d3e68e79cab196136a34a8402335ca216f6ccc3058596de385f9f43cea7147ae7df4","size":141811,"data":"","first_seen":"2025-10-31T15:22:47.692975Z","last_seen":"2025-10-31T15:22:47.692975Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/static_new/js/common.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"406be4345cfb532036cad97a814bc41a","sha1":"675d6a1546566c56cbfdd718373b19f26f79f3bc","sha256":"c086a692a01d650dccb602faf9fbea54f920546532821ad19cdefeb750eea586","sha512":"5302c295510779f41fd7491683e0e727636a1ffa702174f6f196db8edbf305c742e3ca63c7d089dd9c6d558f1a542ea3fa041cf4ed3859ba652d07296fd85de3","ssdeep":"","tlshash":"0c418849bea92973012ef3694a2f9227d9375027ebdd80407d0ec5801b305cab59ee8f","size":2126,"data":"","first_seen":"2023-03-07T01:20:30Z","last_seen":"2026-04-23T16:06:14.56615Z","times_seen":1597,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/b5237f8e6aad/api.js?onload=VULe5\u0026render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24e04a472798460d2d59c2eda163369","sha1":"25f767a2785a93e896e154ea443bd43a2dca9c31","sha256":"326a64396e42f6983215214ba618c4dc04c7fe462b484cfe61d647db7812a58a","sha512":"f066cfb3406eadec5de0d5f7d0e1cc9b91b0375b7136eb423af82fafe585f12a263a5b01f274e8a236b1141f59bf2a2296f1d418451cc320bf0c510c1cf644e9","ssdeep":"768:1C6jR2KMga/LUU6c9Db6AqBuTB2Uw5jOyhHVNY1EbV9tGcpfBgQfuWVuY8t:r2Pga/LUU6cRGul2bhKDt","tlshash":"7e232a583256797227d980e0a17b63437326753ae94ccc50e423d976267cecad233fba","size":49434,"data":"","first_seen":"2025-10-30T17:40:26.894406Z","last_seen":"2025-11-01T17:17:59.287651Z","times_seen":1659,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"3a290ec78679dd7c9303f0053f22a7c9","sha1":"8c25d8f6573b19deaa6c6a6f99a56d70d370dc5f","sha256":"534d31aa54cafcb9804bb5d956d38c7802741ed182870f3643194a41b9bbc071","sha512":"17c2a9e61eef07a7591a7af3e638e9bd10cfbf142818301237581bf951d9cebaafa51e7f01b533485a52c584fcb3cbbe449c41a49663e4d02d0da87499a70fe5","ssdeep":"3:N/BKL1Xgn:eL1w","tlshash":"275504c07d4570710410cd04d15414375007cd001c17540570df0cf437300000010f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.694502Z","last_seen":"2025-10-31T15:22:47.694502Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html?__cf_chl_rt_tk=pIwgzDyBBcUhl0Tt93Lkd6K30N3_aUis7bY4m0znhp4-1761924123-1.0.1.1-pl3xPi6wqXoubXLawcPOgelKN6D86LVPU9x5p8CxxqE","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"769952425ea4a721a1a0c76411da1152","sha1":"57d7f19ab7cd81f23144f0c0cf85d6d0f431aeb6","sha256":"0ca9f4ea6a0f65406cb1e75d6ccfaaddd874408c386703418c8d989d1000c294","sha512":"0fa51ebf1cff8e65ca76e32418488559dc74605c5b896cf1317e64c5826e892f556c38db1b4d77f91f95db533c834db9369218f00b7429b68c8a249c8c46c190","ssdeep":"3:N/BKL1Xd:eL1t","tlshash":"525504c0f54170f00510cc00d1541417d4075f3010175405705d04f41f300000010d44","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.695529Z","last_seen":"2025-10-31T15:22:47.695529Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/popper.min.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"56456db9d72a4b380ed3cb63095e6022","sha1":"6dbce88aee15b42f29083df7a07513cf3b486ba0","sha256":"66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2","sha512":"e56bd96b837b26add354d0a9e2b8dc04c95cea94f7959ee05718ed23a224296fae22d49afab160b45963bd99c2c501a3f12517e431eb68a13a327ff8b262b50a","ssdeep":"384:kmQkLrwVOyzirVyKnxRsIB9Db5HjiWn8xHOxvRVgD75zBY5vImg3FzGpL9ARdOgS:vLsgyziJp3Db5OxHOxvYD73Y5vQzyL9p","tlshash":"1992b4cc3294b06643a791a7a0af960fb2339875610e9410f19df2d97c30ef9a13bc79","size":21004,"data":"","first_seen":"2023-03-07T01:06:27Z","last_seen":"2026-05-03T15:58:23.659573Z","times_seen":17626,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f7df6c2796674e70494306bc4877ae95","sha1":"cc8914cb51d134a84213cc9aa4cfa5ce220cdf79","sha256":"904730f0eab2f84a432762d8e586d9d020f99a751fadfa6b0a0369daf2ac9013","sha512":"3d01dcb552948ed3fadf769485ec0cc544a119b85ba34f5d4c016755d448b4e79216b1ba1b9051efd1fa448330b8c09a00bde536d05ad90b72f151289e13d2c0","ssdeep":"3:N/BKL1XO:eL1e","tlshash":"945504c4754174f00c10cc10d1d4341750074d1114175405705d0cfc17704040010f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.696539Z","last_seen":"2025-10-31T15:22:47.696539Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"892706188ca90fb3b376c7e048a5b03a","sha1":"8b6c6d17951ad5df7b176694fc9e84b007ef1105","sha256":"a40549c6877353a2e356e8be6c6d3a9ff1766e6187c1aa33054fd16284884b96","sha512":"89b97e69d3e13340c0cf56b325e7f53ed3264674e11c00a79dda9fb6a3724fb7f2bd6fdbfbbd209d8a973ae3c171e8c1cffaff32e9ecd395d6a78e1698be6a0d","ssdeep":"","tlshash":"18b0125896899941c74019070c0f5cfaee345902489c97c0c220a15be0c4ff041eef35","size":101,"data":"","first_seen":"2025-10-22T18:40:01.499879Z","last_seen":"2026-04-03T11:40:49.880488Z","times_seen":139658,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"42914fdcb5eea1e2c1947e84f72a93d9","sha1":"e6f5b92ce868f5fa8d0ccddcafa380d8df62fd5f","sha256":"bded8cea84cf7d3729c76ba119df8d8510ebfb74fe53ceb92751ed55c839893a","sha512":"d0796b25c2d5b364064fb8a60b9a870fa6feee953efb9f01164133d9adeeb4b9a76d6ca6ad73fd79b5f3e3a3cc5b85338ff4805d55c64759f6dcb5f610b7d3de","ssdeep":"3:N/BKL1XXQn:eL1nQn","tlshash":"ee5504c1754570740410cc00d35414375007dd0014175407707f0cf417300000010f44","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.698099Z","last_seen":"2025-10-31T15:22:47.698099Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"49f8288764fd540f01475cdeed7358c2","sha1":"2b746718269da3908e159d12b1ae7ee800fdf5f8","sha256":"0d7eb71c721eaf7017b2cb45cbc5661d696cc6b89c7c39f5a5b557a2d8d23f9b","sha512":"2c7a820ac4c58c1e83e322fc0979129b2df205cac9a292994b3f1e8c6685ddd97fa96fe888af2516ecb85b6668c8426ec79bbc6eccf3b460de4272c9a2b53299","ssdeep":"3:N/BKL1XK:eL1a","tlshash":"945504c0f54170700410cd00d1541417d4074d00541f7405705d05f41f300000010d44","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.699057Z","last_seen":"2025-10-31T15:22:47.699057Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"bc2e2d9b5aedd022b08413b11e1cd588","sha1":"5387ba91b9ebc210dd977d3da6c45ed1976cb09c","sha256":"732ec1c8bd27be83ed3b0d2ec0074feee7eab92007703dfa0c577c158eb74931","sha512":"71ca8dc73565ce4cd9e383ed3b6b6dc5293f83ad5a1fc760f446be85eba8cc2b27b510c59966d176f28b6e74cf3b4af2b3f0ffe548b9ae6a309141ac791a7a54","ssdeep":"3:N/BKL1XXn:eL1n","tlshash":"345500c0fe82b0b20820cc00e2a8282bf80b8e08202ba80ab0ee08f82f320000020f80","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.700099Z","last_seen":"2025-10-31T15:22:47.700099Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"fa96c1b2cafc4c0a8d8870156622a324","sha1":"2c1968b212ae2a42933bfb4acb3f6c60326729e2","sha256":"f4dcd0e2347c8e54e2c13e1dcde94eabd426a6cbb1cd482bb44a9542d274c276","sha512":"9316c834ec4d3ac4b18fb6ac1fa8f60f95edf2542be50a4353ded23471c62bc020245e7b38f71e8e2c011412cab7f7509b97b44269591a93ac4c13181d099d0c","ssdeep":"3:N/BKL1Xht:eL1X","tlshash":"9c5504c0754170710511cc40d1541c17d0174d0010175405705d04f417304004010d40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.701024Z","last_seen":"2025-10-31T15:22:47.701024Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f9454a5b2c501e19c2b487fbfd66af13","sha1":"5be843b877359d9d44016c0e90834a92fc96d0d4","sha256":"b56a8e507036450f34ffd89b472ddc686a761f9e49774f342b0585adf68c274c","sha512":"8cf042cabe65bcf8343f9c75299aad7af9127bb6e4668708fc16ca93e53947c99bf20f3df64be74d63b6e3c0fca721cfdba24fcd1044237dcc08ac71901f1e25","ssdeep":"3:N/BKL1XNWSn:eL1L","tlshash":"c05504c0754174700410cd00d1541437d0074d0430175405715d04f417304000010d44","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.70209Z","last_seen":"2025-10-31T15:22:47.70209Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/static_new/js/dialog.min.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5b00205ad1fe51bf8f61bcb3de292faa","sha1":"4b12f988964d29bd82b14e71b86104a1a91b667b","sha256":"d1eef2b2ff683e089b9d124aa8090e174252e0894af20ae6d78fed7dc69744d5","sha512":"4b4d16845173e2fdf03eda7f3d3c1750f5a5c7016850a658ac290ae44d079e8f91f6767d4bf6771846890739371aa443f349384144e9f59922c9c2f0974e224f","ssdeep":"192:8792uFckSv56nit+FETsYnZpeVbMcMtUqVbMcvwpNDygwNAZPPrxmjp4axgVVHpD:kHC8u6fRVFObkcobwhUi2VHEaLgiz","tlshash":"cbc2322465eb21964a73f83687ab3112f2270013941dfe15397f465c0fe4b3876aafe6","size":27744,"data":"","first_seen":"2023-04-07T00:16:00Z","last_seen":"2026-04-23T16:06:14.560206Z","times_seen":3676,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"31ef33ada0cfa0016e1490045a8c1e1b","sha1":"4fdc05e599a9fac57c1b11b28b43016c58260a52","sha256":"44757c1d759d7ce59201d93f49d1d590bef0b0c805ef06b853b235f6192f84e8","sha512":"2f680cbe8acdde55ee8f01686adf7b1ac0db1a01b47eb8cfe8b9e1c1e4320a1e76a8a9ae13472f8526597607129d625a698f65673226fc35a622c12b1ba5aeb9","ssdeep":"3:N/BKL1Xtn:eL19","tlshash":"f35504c0754170700410cd00f155341750074d0414175405705d0cf457301004110f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.703204Z","last_seen":"2025-10-31T15:22:47.703204Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"30705602d46b015355dc09782aeebc66","sha1":"fb10be5e25ca8f5e6e2362bb1a94ea6337728c6b","sha256":"b34c4c908ef3921aeefc926d1b378d1269f58e531031eac905f1d12e1d97829c","sha512":"bec2b93bf0f746a251c968e2ac3ffa69f0eb0053dd1db07aadde8a8c4bd1cad53f2b0999d3361e75d6fb6f2089b4ca323c5a989772b8a6f987cdae0831fa0fe4","ssdeep":"3:N/BKL1X/n:eL1P","tlshash":"065500c0fb82b0b00820cc08e2a82c2ba00b8e00282ba80eb0ae0cf82f300200020f80","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.704095Z","last_seen":"2025-10-31T15:22:47.704095Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4941a678a0b66932d1418c03a544fc2e","sha1":"bc6269ebd050e174c9e3e2918191f6c33ee2f333","sha256":"193729ddae7dec7bde0eb7a844a161359e8223c1142f46cb835089db15f01b57","sha512":"d99b38eb8582dcafdafd6a55ca1c70a0e630a41dd40b075975ed28504d85631aace28ecf57e762913e6b5a4f939616188e9f416b396e58fc0ed525698fd77858","ssdeep":"3:N/BKL1XkdVn:eL10X","tlshash":"6e5500c0ba83b0b00b22ce00e3a82c2be00b8e00302ba80ab0ee08f82b3000000a0e80","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.705138Z","last_seen":"2025-10-31T15:22:47.705138Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html?__cf_chl_tk=pIwgzDyBBcUhl0Tt93Lkd6K30N3_aUis7bY4m0znhp4-1761924123-1.0.1.1-pl3xPi6wqXoubXLawcPOgelKN6D86LVPU9x5p8CxxqE","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"e19e5c580df4e6493532f6fe86e53b5a","sha1":"17a5649428c4ba0b0734de4b470d638cccb75187","sha256":"b68cafc4809ac5a730a0cd0ab52a0a7ccd2fd1adcd5b55d66d90fa500a927bd4","sha512":"9beb035bcb0b13286685dc82b09f8084914bf0bde2f116f4d7c9b3f3db23bcfe5c1ac3d102d35d3e3c60a4e7728a54b0eed943bee9c8f135189ebd7c60c401a3","ssdeep":"3:N/BKL1XRTn:eL1F","tlshash":"5f5500c0ba82b0f00c20cc00e2aa282be00b8e00282ba80fb0ae88fc3bb00000020ec0","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.706103Z","last_seen":"2025-10-31T15:22:47.706103Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7ae1660c2841cc1d2d901c98d6a233f0","sha1":"3fc562bdea00c9d1e8cb146ce8c278d1d3f1defe","sha256":"04105dbe71cc81a1e98e6703b3622f68456c2ebc577b0462d321359abd4e9b53","sha512":"1aa7ce4227cb64a6fd9dbaffa1d3b3451d775cb891880b190df01fee880e8f14a6e63c972aae4667bafbd8698971b1bc651556f9f89579f6b7e43d0e0b87c5cd","ssdeep":"","tlshash":"1e80044010733311340c004d001f04cd3000311757470c50d7d4d5041541545105407c","size":37,"data":"","first_seen":"2023-03-07T14:05:37Z","last_seen":"2026-04-23T16:06:14.600317Z","times_seen":585,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ba1fc0849035e08fd28384853c86b507","sha1":"3a8b238eb9e3d5a09671cf4a1a20548abd19b269","sha256":"e617f3f3e328207e0411dfc3904ec841e0aba58b323fd2df97648922ab353e01","sha512":"6044661b49ee85b9ab9885e3c6f58b33d9168cbc57772e1852989707c64401294d4f8ec900ee0c3e3a27599f09d4c95b66833760143d2c52773383fafe41fd22","ssdeep":"3:N/BKL1X7:eL1L","tlshash":"6e5504c0754570700410cc00d15c14377007cd0014175405755f0df417700100010f50","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.707562Z","last_seen":"2025-10-31T15:22:47.707562Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"36a5498788e14f419cc7d3c71fdaf834","sha1":"784ee49583052bef5da15f738fb69aa23c88d043","sha256":"1ab04143498798641322b09d53b2c35533c1c4a267b4cf53525c314743fcd77c","sha512":"d898a1c4c904e02ca726d81f103bb4462cfe59f5c28df7f9e211d2c7d5b075d7900e5ef8715d82b8a2949fb86b00534aa2a0999ae98b3e30f5911f790d186f08","ssdeep":"3:N/BKL1XZ:eL1p","tlshash":"895504c0774170700410cc00d175141750074f001417550570dd0df41f310010010f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.708934Z","last_seen":"2025-10-31T15:22:47.708934Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"86e078b77a6cc6c3997beee2aa21cf0a","sha1":"5cb99216f38784f5f62d247adc2c7c346d6c0be6","sha256":"cf004e42ec3302cfe78e0901c1d5ae3ec9599d3230e10f40400f0299b0badc3c","sha512":"82a68327fb1dfa6d03ef72090445b82db32e2307ed6048365947d72c866e14bbdba31f3e7246dacec95fab94702ad33a1f8fc30074c00554f7f1c3c6de4076bf","ssdeep":"3:N/BKL1Xl:eL11","tlshash":"515504c0754170705410cc00d15414575007cd0414175405705d0df457710014010f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.709965Z","last_seen":"2025-10-31T15:22:47.709965Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"da5f2e819193a20c726a78014066f66d","sha1":"b99975e4e295d9959968d2cb6d8f0beff9ebbdae","sha256":"f82da5fa4170a17d69fb3ea6aeb417037c4a58bbbc0fe8077b7ef8c2a911e30f","sha512":"fcb483bebf378525b74e6f3364e0f032b0e55787c4a8ef754c8ae47b94923ffb0557c791fe3a5ff0c890549fe25c3d9a2bc2ff0764c10eb79801d08d62b4835f","ssdeep":"3:N/BKL1XLV:eL1x","tlshash":"fa5504c0754170700410cc00d374143750074d0014375515705d0cf417301040010f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.710923Z","last_seen":"2025-10-31T15:22:47.710923Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8298fca841f1c83222082f509908491c","sha1":"f0afa4cab7e7b215404adb9ee0bc36cc5fa9f4e6","sha256":"cec05fd9f1e418355a519e70746e7924b90582248e67a3999ad56658da57e0d2","sha512":"c69917aac29e0fcc0dc991069890827b2498c59fc9fc83a09d1c8f017b05770b459d6d896b80b0e7976427a313b004f2460edd073e60c7aa57872326dcf1791e","ssdeep":"3:N/BKL1Xjn:eL1z","tlshash":"1d5504c07d41f0700414dc00d1541417d4074d0430175c0d705d04f417300400010d40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.711904Z","last_seen":"2025-10-31T15:22:47.711904Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/bootstrap/js/bootstrap.min.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0c2bcf5ef0c4476508d79ec9cdcce07","sha1":"3beed68ed7d753c6bf4f61c26386ddd7929ba030","sha256":"edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba","sha512":"5ca6bd1de99dcb5522dca486809760332625520d6033e4212fa7279724dedaaccc0989b89c06753ec55ead0cd34d7ce89d447e766b301ea8093eec02ab531a02","ssdeep":"768:0KD1OYYUhTVvO1Nn6u7MTLOarIkSsBAiAH0FcQ2K8FXsb6mH/3bz5vhCG:0G1T145KVdsXc/hhCG","tlshash":"a453750672a4f472059fa176803b0a0bb7362c9de506b16cbad998dd1f7cd443267f3a","size":63467,"data":"","first_seen":"2023-03-07T01:03:47Z","last_seen":"2026-05-03T14:02:46.575613Z","times_seen":9881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/jquery.cookie.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"ff516650b7cc361e06ab22516b6f10ace63cff721158449d881965f82cb0c7bdb6bd6a","size":3121,"data":"","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-05-03T15:45:06.266544Z","times_seen":16048,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4dec2a6237f193342c761921dc8c24de","sha1":"3bc5ba45113a8f2b6dc04150eb1499e857595354","sha256":"31999a5801fd8ca3c12690752a4b37ddc49563fd650ad75af059f82640a2db42","sha512":"404d7b5807642e00004af65ef320373aabff3cbee8ed0b88523fcedbd635d44bd3390683e261e5064f6f07d6a5c14ff0d534b1204b1dab2d089be22af4d4420c","ssdeep":"3:N/BKL1X3:eL1H","tlshash":"fe5504c07541f0f00414dc00dd54141ff0074d4010175c45705d14f417300001010d40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.713003Z","last_seen":"2025-10-31T15:22:47.713003Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"590fd4ab06d7bcd03f2ed3cce1cc3d27","sha1":"496bdf69e6a0d94e6f552cd670fa00cac78bbbcb","sha256":"8ac8c17ac034c26d3c8838f3fd097e65b0f33a46224b970c86a10d2d6d90b9fe","sha512":"736c4695321b01eb50fcc69712ea3b28b8a0100e5dba35b973919ad811772539908e3d3565ab678bac5784a1e4593057933780a9a44b9a108a293c67782d4bdd","ssdeep":"3:N/BKL1XT:eL1j","tlshash":"cf5504c07741f0700414dd00d1541417d0074d0010177405705d04f417704100014d40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.713986Z","last_seen":"2025-10-31T15:22:47.713986Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/jquery-3.3.1.min.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-03T16:31:39.00937Z","times_seen":125190,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/public/js/layer_mobile/layer.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"79b7829af0bbfea5760aa606bf1a02c7","sha1":"54c27862e41ef815009fca7b54d9d463cfb015bc","sha256":"2fc4428e63cd5bd982210576674877bd1ba3eb59b9f4686d3668fd94530fa4b7","sha512":"dc634dfed7b74ba81193c8362188ab44430b00ed4dcc93dd4a68c22de03157b2b9ac611139cb5a5f3a63a6d7472445e8e08e87318514560f5f2231898a4032d1","ssdeep":"","tlshash":"7f61a676f10176b7661320c4e06f690fb6775151b2008840e0e5e5aeaafed0ca87bf5d","size":3304,"data":"","first_seen":"2023-03-07T01:34:12Z","last_seen":"2026-05-02T20:25:38.177909Z","times_seen":4582,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/swiper/swiper-bundle.min.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4358cb63a4b96c5d71a2fb630871f30","sha1":"be3b7d9d5bbd680d035f768345778d84eb08fe23","sha256":"c26293076ae548cd0614c5946e9c16f34bd7810fd2f63deeaa28df61ce935229","sha512":"35a85c90dfa0ac1e9f4b1bb7bd074a8b20baf6cc235bafb16148da3d55931ad46e89af33508970da09208e166601df250040841d5dc7742b9d6ab9c065a5a467","ssdeep":"3072:U79yoiRfIBB4G+yMwoSpADH79cVOJjBqcxN:k9ytlByMwoSpADH79cVOJjBqcL","tlshash":"9dd3188db354b2e151e72256539ed10263b65845b80ac1a470b68cd7acbde8c03bfefd","size":139961,"data":"","first_seen":"2023-03-07T12:20:59Z","last_seen":"2026-05-03T14:45:33.368769Z","times_seen":3887,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f356293f31df6cb659f65a37f98666fb","sha1":"b05684d634848a411c8cc67516553bba1e3bfe13","sha256":"1e768292975ed782544e2170d7a3bbb113eb3f0c64cb6db1115ca2987efb99ab","sha512":"bd59f753c2b7166e41fc7d99b9423de065edca7b9d3267f9b34532c921bbd569a9ba9813c899ed3d42a4a04dc6f05f8ab0ed01c372c4b7ba83ccb3e6c7c3b5f7","ssdeep":"3:N/BKL1XC:eL1S","tlshash":"495504c0774171700414cc05d1d41d5750074d003417540d705d0df41f330000010f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.714926Z","last_seen":"2025-10-31T15:22:47.714926Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"892706188ca90fb3b376c7e048a5b03a","sha1":"8b6c6d17951ad5df7b176694fc9e84b007ef1105","sha256":"a40549c6877353a2e356e8be6c6d3a9ff1766e6187c1aa33054fd16284884b96","sha512":"89b97e69d3e13340c0cf56b325e7f53ed3264674e11c00a79dda9fb6a3724fb7f2bd6fdbfbbd209d8a973ae3c171e8c1cffaff32e9ecd395d6a78e1698be6a0d","ssdeep":"","tlshash":"18b0125896899941c74019070c0f5cfaee345902489c97c0c220a15be0c4ff041eef35","size":101,"data":"","first_seen":"2025-10-22T18:40:01.499879Z","last_seen":"2026-04-03T11:40:49.880488Z","times_seen":139658,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e394c46f11d4e062ea4dea55cc94a149","sha1":"2d85dd0c165d7ef9d4026f498987b6743fd544c0","sha256":"ef176a75c19c0bca07e852e00f50687c4ce14a4f8ad7f4478cc29de06bc34394","sha512":"120617f80a3923073b96d8ba5427ac94bf67158b3e9f673640a6d177e923dda0a713a2c7e3100c0a188ff0fb95c06206b10ed5ef38989e467d3d6a8bdf62d71e","ssdeep":"3:N/BKL1XE7:eL1U7","tlshash":"525504c0754174f00410cc00d154341fd0074d0114175405705d04fc17304000410f44","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.715836Z","last_seen":"2025-10-31T15:22:47.715836Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"89904cd9a12718cd8743601915673859","sha1":"ecc08f5570ba68d9884c8dacbd3031c2f200f2fe","sha256":"1d00af2d86694813677fb3cb1d72ad9fb2fe05227f87219ade0c5d6d916b95e9","sha512":"b3cf136789f5cd9e981e099f48cbd448674431d8749b5c7c70e56758d3fd08d077e27e2958b7655a3fec98466f91a2381d696c5cd21184de56a58280e00135f3","ssdeep":"3:N/BKL1XK:eL1a","tlshash":"dd5504c0fd5170f10c10cc00d1541417d4474d001017544d705d04f41f300000010d40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.716669Z","last_seen":"2025-10-31T15:22:47.716669Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"892706188ca90fb3b376c7e048a5b03a","sha1":"8b6c6d17951ad5df7b176694fc9e84b007ef1105","sha256":"a40549c6877353a2e356e8be6c6d3a9ff1766e6187c1aa33054fd16284884b96","sha512":"89b97e69d3e13340c0cf56b325e7f53ed3264674e11c00a79dda9fb6a3724fb7f2bd6fdbfbbd209d8a973ae3c171e8c1cffaff32e9ecd395d6a78e1698be6a0d","ssdeep":"","tlshash":"18b0125896899941c74019070c0f5cfaee345902489c97c0c220a15be0c4ff041eef35","size":101,"data":"","first_seen":"2025-10-22T18:40:01.499879Z","last_seen":"2026-04-03T11:40:49.880488Z","times_seen":139658,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"892706188ca90fb3b376c7e048a5b03a","sha1":"8b6c6d17951ad5df7b176694fc9e84b007ef1105","sha256":"a40549c6877353a2e356e8be6c6d3a9ff1766e6187c1aa33054fd16284884b96","sha512":"89b97e69d3e13340c0cf56b325e7f53ed3264674e11c00a79dda9fb6a3724fb7f2bd6fdbfbbd209d8a973ae3c171e8c1cffaff32e9ecd395d6a78e1698be6a0d","ssdeep":"","tlshash":"18b0125896899941c74019070c0f5cfaee345902489c97c0c220a15be0c4ff041eef35","size":101,"data":"","first_seen":"2025-10-22T18:40:01.499879Z","last_seen":"2026-04-03T11:40:49.880488Z","times_seen":139658,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e7787b322e739f1576b991f6ca50daf7","sha1":"bd863d9a90aea30992caf231921dd9e440806bd3","sha256":"af9e48eafb7f18f9d93f9691feea008af30b009cf492786af155d0be4ef6da8f","sha512":"c27f4c7f28912fa17f72895fd46eab2355d75d2e53a2c38988037ce4b8bacdee385e71e63f909f205a2433ac71bc5458b4db4ddf0980724ae60b1b61290bac08","ssdeep":"3:N/BKL1XbU:eL1rU","tlshash":"ee5504c07745f0701410cc04d354141750074d4014175405705d0cf41f300000010f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.717524Z","last_seen":"2025-10-31T15:22:47.717524Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"2bf7a7ab1d2ef51d6abf36a89d8db618","sha1":"170999c4bfb193df4994c35e9f67bd307d25969b","sha256":"b88c7d583689c184d0d8e8a92b114f97c2c4853d3376ed5da2a65f2d8724285f","sha512":"1360fbe1845450f6454693fc2df876965d4c6bf26639c1161f5013042a8bbb7fae800529ac2f252aaadb54255897ef24b8cb52ed89d3463fd4e69af84e980339","ssdeep":"3:N/BKL1XTU:eL1jU","tlshash":"965504c07545f4700410dd50d154141750074d001417540d705d0cf417304000030f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.718569Z","last_seen":"2025-10-31T15:22:47.718569Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8c68c24cc15cd0aa267ec1e1082e4bb9","sha1":"5f405420eb4d6549f09ba62b266ae35d17bb26eb","sha256":"f7a3214aa2ed996bab77c1f2a3407a2c88b04e929e7a629db5885a26e44d0213","sha512":"4e814ea1c9223c608a06628ac94a21844aecaa3d2bd805094f33d92cef4461387e5ef43f392880f8d7fc4198b79ab6559eef0630a5e65ad8a727f9ac02f1e18f","ssdeep":"3:N/BKL1XJ:eL1Z","tlshash":"415504c0754171700410cd00d1551417d0074d1014575405705d0cf417301000010f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.720703Z","last_seen":"2025-10-31T15:22:47.720703Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"bffc581b59bb5e28516515721e149829","sha1":"2ca9fc9c6ab9e9fbd75b71e35103d09fa646c74e","sha256":"7519ee82aee3053cc0651bfff742deb84fe0f5cf83b67388cf8dd89167baf720","sha512":"2109894f418fd6b24991a27710666f1427da6f923a8b9110a4f4e94558f91c6cca7e47e382977d2226c74c6b6cd059149c202f4bf313dba560f45cee40f0b804","ssdeep":"3:N/BKL1XU:eL1k","tlshash":"8c5504c0754170704510cd00d1f4141770074f0454175405705d0cf417300005010f40","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.72179Z","last_seen":"2025-10-31T15:22:47.72179Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-03T16:29:03.881375Z","times_seen":693299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"53df90a7345a5cbb3931f8a865dc8d36","sha1":"4c94b421da459012ea6d6cfc48142ff2da9190c0","sha256":"3e00fb1a48e4c7ffbd3d95943f22e98b782c69ca59696c3ee6c8405bf465f15e","sha512":"3ca9ac595184813cc32c16c8260f439f87a0af8dae6ed940cefd362946d87836816ceeb8fbc06e2368d9e3fa1d8f94740855d3f5544e148b2f97f4f4d7cee59a","ssdeep":"3:N/BKL1XQV:eL1gV","tlshash":"a05500c0ba82b0b00ca0cc08e2a8382ba00f8e00282ba82ab0ae0cf82b300000020f80","size":1337359,"data":"","first_seen":"2025-10-31T15:22:47.722812Z","last_seen":"2025-10-31T15:22:47.722812Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","size":39,"data":"","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-03T16:32:21.372631Z","times_seen":860807,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/cdn-cgi/challenge-platform/h/g/flow/ov1/1409629024:1761919705:0jsWkLYhDE7pwKOflQnvhftYZnAfDL5nRWFnQ-Zr79Y/99742549f86a568e/0nnUE4_.zhz6KWAD8EH2ShktGmvVA_F0LXAoZgFZUdY-1761924123-1.2.1.1-P5irEiY0IbCgfhaoDTLDlNak_cMeYF_P8hywcAes5sShgzneZXPD849hvcBXiTgk","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:03.658Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1409629024:1761919705:0jsWkLYhDE7pwKOflQnvhftYZnAfDL5nRWFnQ-Zr79Y/99742549f86a568e/0nnUE4_.zhz6KWAD8EH2ShktGmvVA_F0LXAoZgFZUdY-1761924123-1.2.1.1-P5irEiY0IbCgfhaoDTLDlNak_cMeYF_P8hywcAes5sShgzneZXPD849hvcBXiTgk HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\ncf-chl: 0nnUE4_.zhz6KWAD8EH2ShktGmvVA_F0LXAoZgFZUdY-1761924123-1.2.1.1-P5irEiY0IbCgfhaoDTLDlNak_cMeYF_P8hywcAes5sShgzneZXPD849hvcBXiTgk\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2039\r\nOrigin: http://sssdd.2bkg7eusoa.top\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:03 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncf-chl-gen: UNelJ1QfLOs4LCuZF4aCYINDZbtIdTIKDbLVxc9ZTVs=$s7/y4wC5WDtbMYDnaKOyxw==\r\nContent-Encoding: gzip\r\nServer: cloudflare\r\nCF-RAY: 9974254cdccc0daa-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19136,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (19136), with no line terminators","md5":"e7e4dea67d0984f11088052cb539a5a3","sha1":"d5cde03cf4f8685bbfd65e50a67b69e6c71391b7","sha256":"15a7368030f3d02a019f0d5cb714eff7c65f6176514579b4793523b4e43aac54","sha512":"abc0582a50923a690b589282a4699bbfe968b4a159505832e4e12ef598be2e90e586b517984dd70671f245dcd38a60de3cf6cecf0352661c289413ea198831cf","ssdeep":"384:bPuegaJIyWFxHMTxXAXkoVSZouy4+LhUDpwRII5:qhaSyWFxHMxvoVSZ1D+26IE","tlshash":"3182d0171cf34ef90773590fbe6085a9a06146f241e837589b86b16eb8f0d04757ecab","first_seen":"2025-10-31T15:22:47.655662Z","last_seen":"2025-10-31T15:22:47.655662Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/9974254e6b6656bb/1761924124372/DLq0zFm3117m1J7","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","date":"2025-10-31T15:22:05.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/d/9974254e6b6656bb/1761924124372/DLq0zFm3117m1J7 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 15:22:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 203\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 99742559de9356bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":203,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 81 x 16, 8-bit/color RGBA, non-interlaced","md5":"6d222ceda15c0bb307a32168405fa959","sha1":"fe1e57cb3124f8c672f19255b70f198bc321c98d","sha256":"7a99a0e67e0b4a8a05c8e406e6665871585e23bdefba01acff65e5b155b96884","sha512":"0b255d57cc3416b9215327c895116cefd8e486079c9e85900c0b5aa8ff7ea2ae873d5d4c17fd6553c77854e4ecf9097244b981dffbb2a159050b161507b01889","ssdeep":"","tlshash":"fcd022ae2cc8bc74cf1b7fea3c59c2028eb0011c04069d840b0af55e234098131895a4","first_seen":"2025-05-27T21:32:08.105551Z","last_seen":"2026-04-02T12:00:32.176523Z","times_seen":108,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/style.css?v=V1.24","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.285Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /red/style.css?v=V1.24 HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:15 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 997425956a11b4f1-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Mon, 26 Sep 2022 17:13:42 GMT\r\nETag: W/\"6331ddc6-1ec31\"\r\nExpires: Sat, 01 Nov 2025 03:22:15 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=A8Myzfo6%2Bu9LZ%2BPtYhQu43h84uhstgTW2j4KsG1DyGEPFzn0CpR%2FsLGxgU9a7G%2FXMAEUWZCaSfXyK353eu%2F0zYlc7IBYzzoqid1n2KS9P9L%2BPxiWwUi1I9vVpcL5NfBaZpPd68bHSg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=654\u0026min_rtt=497\u0026rtt_var=167\u0026sent=13\u0026recv=15\u0026lost=0\u0026retrans=0\u0026sent_bytes=12634\u0026recv_bytes=1134\u0026delivery_rate=17854500\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":126001,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"cc760006fdcc0c62451dfbf6f8e055b6","sha1":"cc1bc6f3089cec7191cc2208388156cdc2151189","sha256":"eeef16462f2910d914f656c763fd93d6e6ddee8ce33419e91b785f304194706c","sha512":"a70a51fa832ee91381e6ff871a95aae5273610bf36a6ee8d86e3237b7a545a72dcae567f4e1f6a085a7caf36b52a55a5e9881b3235fcdc0b7917b858145126a6","ssdeep":"1536:p+0l8BwHpYlNwaF+mjoXlKrTTnsCJ12yBTlfMpojR8Xi3MJbMhe:TpYliaF3jFMpojlMJbMhe","tlshash":"63c3a764d1f32d16703f44a86bad9ab1632e619fc7484deef64e7a649f604cb4033b90","first_seen":"2025-10-31T15:22:47.657345Z","last_seen":"2025-10-31T15:22:47.657345Z","times_seen":1,"resource_available":false,"data":null}},"time_used":794,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":612,"receive":182,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=99742549f86a568e","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:03.356Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=99742549f86a568e HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html?__cf_chl_rt_tk=pIwgzDyBBcUhl0Tt93Lkd6K30N3_aUis7bY4m0znhp4-1761924123-1.0.1.1-pl3xPi6wqXoubXLawcPOgelKN6D86LVPU9x5p8CxxqE\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:03 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nContent-Encoding: gzip\r\nServer: cloudflare\r\nCF-RAY: 9974254afd5556a9-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117849,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"59e1d7c97f97fe9ac906623623b0392f","sha1":"e169e7cefb87837e09d6964cc3fba460d6062aad","sha256":"1fdec67320e4229d5549b644e5e40f99c7bd56d8aa3a5aa0f4dbbd0988095130","sha512":"cf70e4f78688919ab78fec45a0117834f7e99da68af31187108a7e473fa24470f40ba2713ca151c663ff404b1892eba32198879ed0d58b9d0e8ec35ad36163f5","ssdeep":"3072:Ho/pu7qWieHG9BPHfjvFCJ/pyzUPtgienS+Pz:I/c7Oj9WwzUFgirs","tlshash":"37b3198e78dfb5660b2268b8502739cb66af7c443018496df215e8e478d53047eb7ef8","first_seen":"2025-10-31T15:22:47.658373Z","last_seen":"2025-10-31T15:22:47.658373Z","times_seen":1,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/b5237f8e6aad/api.js?onload=VULe5\u0026render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:03.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"GET /turnstile/v0/g/b5237f8e6aad/api.js?onload=VULe5\u0026render=explicit HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://sssdd.2bkg7eusoa.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 31 Oct 2025 15:22:03 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nlast-modified: Thu, 30 Oct 2025 13:04:55 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9974254b797b5699-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49434,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (49433)","md5":"f24e04a472798460d2d59c2eda163369","sha1":"25f767a2785a93e896e154ea443bd43a2dca9c31","sha256":"326a64396e42f6983215214ba618c4dc04c7fe462b484cfe61d647db7812a58a","sha512":"f066cfb3406eadec5de0d5f7d0e1cc9b91b0375b7136eb423af82fafe585f12a263a5b01f274e8a236b1141f59bf2a2296f1d418451cc320bf0c510c1cf644e9","ssdeep":"768:1C6jR2KMga/LUU6c9Db6AqBuTB2Uw5jOyhHVNY1EbV9tGcpfBgQfuWVuY8t:r2Pga/LUU6cRGul2bhKDt","tlshash":"7e232a583256797227d980e0a17b63437326753ae94ccc50e423d976267cecad233fba","first_seen":"2025-10-30T17:40:26.894406Z","last_seen":"2025-11-01T17:17:59.287651Z","times_seen":1659,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":10,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/icon?family=Material+Icons","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:58 GMT","end":"Mon, 05 Jan 2026 08:38:57 GMT"},"fingerprint":{"sha1":"1E:BD:59:57:1D:85:DE:FA:02:4F:D0:E3:99:CD:8C:9B:62:9E:2A:D4","sha256":"E6:2C:01:FB:2E:B9:ED:F7:DF:AE:35:78:93:C6:BD:6B:FE:43:09:67:54:88:15:D5:34:D6:13:53:F1:93:4A:45"}}},"request":{"raw":"GET /icon?family=Material+Icons HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 31 Oct 2025 15:22:15 GMT\r\ndate: Fri, 31 Oct 2025 15:22:15 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":565,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2b7a8d84952a9183b106df19f711324e","sha1":"a92c5e12b422bba9ebb447e1852d9681487361bc","sha256":"282801a0d182035440d5ef6d429d227126d2e6720a52b91d31a7d746c758154e","sha512":"d7ef3f86fe9fa5730a118c688b8f779e82ec3695df5ec48953905ed078ef4d78a3c8005021574d936f69ff0467968b6e68fbcb0680894470abf8f26200af2e0c","ssdeep":"","tlshash":"c0f0c064be0a988566110c42370f3f164d1d401fa80ac8fe8b911d4c8cff1bb134670f","first_seen":"2025-09-17T21:11:07.996842Z","last_seen":"2026-05-03T15:53:14.174057Z","times_seen":38449,"resource_available":false,"data":null}},"time_used":420,"timings":{"blocked":190,"dns":0,"connect":17,"send":0,"wait":33,"receive":0,"ssl":177},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/static_new/css/public.css?v=V1.24","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.287Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static_new/css/public.css?v=V1.24 HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:15 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 997425957f5f5a0f-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Sat, 15 Feb 2020 10:13:12 GMT\r\nETag: W/\"5e47c438-3f5a\"\r\nExpires: Sat, 01 Nov 2025 03:22:15 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=cuqnP0QDc9vLF0623hfWI%2Bt1BwZ8rw1lFKX6flVwH%2B%2FR%2FeYcdA8k5dNnW4CJjYPslTRkVs0u1eDnEkHkEvS3hBKR8nN2aSO5CakAyq7RZRXLLPKHzgeOFt%2Bm1vyYW2zyeED4lIaoiQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=461\u0026min_rtt=461\u0026rtt_var=230\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=760\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16218,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"8d9acb36e3f61379b86658df119cbe5f","sha1":"4b40186551b53328baedb162e495dd276620c3fe","sha256":"2509b72d37e08bbb3d3107b1cf2a5412c2cd17ca5b2949857b37557e192152d0","sha512":"5de9068636f41c93fabb236038495db5af7f8b4467ee3bb98fe62b07b6dac45520b4bc898478a8de899fa6859a03ae3e3f249a597612dce3258c840b03c6f4ae","ssdeep":"192:iJUMZ494EUoQiNCZ5fz9ksnOzaTNUbOnJkFXz9CNvcgIkwUzY5VDb84Xvbzjqoj+:gHSmQbX/Soa","tlshash":"e4720e7a5d580140e37fd3318fda1a99ea354173a2122bae72c991874fb275832cfec5","first_seen":"2023-04-07T08:34:56Z","last_seen":"2026-04-21T08:53:47.839284Z","times_seen":1503,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":470,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:16.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:57 GMT","end":"Mon, 05 Jan 2026 08:38:56 GMT"},"fingerprint":{"sha1":"50:87:4B:4E:FB:30:AB:11:12:23:8E:8F:6B:DB:F7:6D:9A:37:CE:D9","sha256":"E1:35:48:CB:CA:92:00:73:EB:EA:EF:E9:B3:8E:D0:29:54:33:B5:C7:4E:73:DF:B7:7C:F8:B6:07:E7:AD:8C:24"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://sssdd.2bkg7eusoa.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 27 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 27 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 317079\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-03T16:31:57.825615Z","times_seen":784851,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":110,"dns":0,"connect":0,"send":0,"wait":32,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-31T15:22:03.193Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /index/user/login.html HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Fri, 31 Oct 2025 15:22:03 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=i8xdS0ZvLytmFBOoBJn6LI5gbu3FoqkQLC6pbpQtuGrIoiZg9UImdAoFd%2FdA%2FCDwhzDNOMtD0SsHxZJTyvsK7D%2F3eNwly60leWC7GU%2BVon16yicD%2FMHT78C2l4n6E%2Fe9DjQif%2BVs%2Fg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 99742549f86a568e-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: chlray;desc=\"99742549f86a568e\", cfL4;desc=\"?proto=TCP\u0026rtt=458\u0026min_rtt=458\u0026rtt_var=229\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=426\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5433,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (5433), with no line terminators","md5":"1d9029ae86efdb56599f840a36f089bc","sha1":"c4db11ff77e5ccfceb27d5beeea55a7789258683","sha256":"ed2f595a3318c33de4675696b518d3e9825513eebf9aee1ccec3e0b3f2034ef5","sha512":"219e78db3e0c96e92c389fdffd27f2af5d8e0ab22170328ed183808509440a9ca34ab29e1574909e48411635fd5d5829bf17f34c8dd32fd93c5fdf08c3cb618e","ssdeep":"96:PNybXZtIEb0EFW87IbVHfaX/wUwRaGFjHzjZoYLsTXu9Yzueh8Ucmw:PNadBmHfa4UKaGFjTjlQTXu6y2jw","tlshash":"28b12aa796415437c3ff577694afb30a2421566446015489eaf0e94ca2eef0f809ebdc","first_seen":"2025-10-31T15:22:47.667244Z","last_seen":"2025-10-31T15:22:47.667244Z","times_seen":1,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":32,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/favicon.ico","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:03.381Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html?__cf_chl_rt_tk=pIwgzDyBBcUhl0Tt93Lkd6K30N3_aUis7bY4m0znhp4-1761924123-1.0.1.1-pl3xPi6wqXoubXLawcPOgelKN6D86LVPU9x5p8CxxqE\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:03 GMT\r\nContent-Type: image/x-icon\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nLast-Modified: Sun, 05 Jan 2020 13:07:52 GMT\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WrUiJzigot7OaHRYBUf45wPDeIrXgfqXrKGdaYKpWzjd7XYRbobiu%2FDVhgJuD04WaHvDCAdkSvXs%2B6lue67bHpMK0Ue7cG0Wxh0mye8%2BYW9L8w%3D%3D\"}]}\r\nStrict-Transport-Security: max-age=31536000\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nETag: W/\"5e11dfa8-2e49\"\r\nContent-Encoding: gzip\r\nCF-RAY: 9974254b1d8156a9-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11849,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 89 x 101, 8-bit/color RGBA, non-interlaced","md5":"d22689c044f347076d89a6ca4feec5fe","sha1":"12c64d90cc1efcad4420de27dccae4535eefa8bc","sha256":"f1eff40ca74ef3471e7a148f564bb74d95454885320df9ad51bc441c991ab1bb","sha512":"23f66840cf4ca0787ab2e09968da1fa34ac86bf83ce0ad090d82e45f65dbf75a2228d9907bba36fc27ae36914776b727a263a37758054dbf3a90696dae493a1c","ssdeep":"192:7GAT62e7INHDzBLcdVIqXy24unSOu2tGGDrYWyBiSQ8GMnw4u48V8/sse+CQHp0G:BTDz9cLIqXvDnmwrYWyBiJnMwEk4JrN7","tlshash":"8332bf21571b2cc186e4dd317fb979e4145222ca523170482728f3a6f6b4d2e5f6bca3","first_seen":"2023-05-01T23:17:15Z","last_seen":"2026-04-23T16:06:14.568122Z","times_seen":1951,"resource_available":false,"data":null}},"time_used":439,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":439,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/favicon.ico","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:03.411Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:03 GMT\r\nContent-Type: image/x-icon\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nLast-Modified: Sun, 05 Jan 2020 13:07:52 GMT\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QDxGSvFOLp%2FfM6oVxX%2BK5HhCBre5Ndj8qOEIiqFWLVZy%2Fb%2Bk17A7wfGWDT7suMh59YqL5Z%2Fx2ctX2A1ls%2FbdVXvcMUGgGa11496Z%2Fl8OhZV54A%3D%3D\"}]}\r\nStrict-Transport-Security: max-age=31536000\r\nAge: 0\r\nCache-Control: max-age=14400\r\ncf-cache-status: HIT\r\nETag: W/\"5e11dfa8-2e49\"\r\nContent-Encoding: gzip\r\nCF-RAY: 9974254b5c7fb4f1-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11849,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 89 x 101, 8-bit/color RGBA, non-interlaced","md5":"d22689c044f347076d89a6ca4feec5fe","sha1":"12c64d90cc1efcad4420de27dccae4535eefa8bc","sha256":"f1eff40ca74ef3471e7a148f564bb74d95454885320df9ad51bc441c991ab1bb","sha512":"23f66840cf4ca0787ab2e09968da1fa34ac86bf83ce0ad090d82e45f65dbf75a2228d9907bba36fc27ae36914776b727a263a37758054dbf3a90696dae493a1c","ssdeep":"192:7GAT62e7INHDzBLcdVIqXy24unSOu2tGGDrYWyBiSQ8GMnw4u48V8/sse+CQHp0G:BTDz9cLIqXvDnmwrYWyBiJnMwEk4JrN7","tlshash":"8332bf21571b2cc186e4dd317fb979e4145222ca523170482728f3a6f6b4d2e5f6bca3","first_seen":"2023-05-01T23:17:15Z","last_seen":"2026-04-23T16:06:14.568122Z","times_seen":1951,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":2,"dns":1,"connect":1,"send":0,"wait":406,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/public/js/layer_mobile/need/layer.css?2.0","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.289Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /public/js/layer_mobile/need/layer.css?2.0 HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:15 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 997425957ce9b4f7-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Tue, 10 Dec 2019 03:14:46 GMT\r\nETag: W/\"5def0da6-148c\"\r\nExpires: Sat, 01 Nov 2025 03:22:15 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=WErExY%2BwhGqVxbkA4QaYPwU7SNDVH%2FTFGme1TFHMdJtnt26U3zopi7afkasdi7n4Od1xfvQFXCoThWA92A3kqVrqCRQxogtmXKk4vpBR%2F41rbaK4D3ycdPbYJJegmTAWI1US9LqMGQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=450\u0026min_rtt=450\u0026rtt_var=225\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=768\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5260,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5260), with no line terminators","md5":"633915e62d14a714594b95b974ee0836","sha1":"e11ebb64a70272c4f35b92fea064f27c4b87efad","sha256":"eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6","sha512":"3a0f469c32521c0fe51838b099650f055410cbdabf64659856e009c8d5e1f3a32fed568832282a92892f1398c8557fe1f64a6a34881f711ecd55b41b054d243a","ssdeep":"96:tJA7fs72Cyf26B6ZtbXBh+Bcw0iZRfcSNHIFSf:J72b5YZtbXucwlrESNoa","tlshash":"9cb1c796989303e8b027c51796dc5efe70388d43915209aef157382fc74bdd9b1b260b","first_seen":"2023-04-07T00:16:00Z","last_seen":"2026-05-02T20:25:38.188105Z","times_seen":4987,"resource_available":false,"data":null}},"time_used":465,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/jquery-3.3.1.min.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.290Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /red/jquery-3.3.1.min.js HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:15 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 997425957a99b4f4-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Fri, 05 Mar 2021 16:34:38 GMT\r\nETag: W/\"60425d9e-1538f\"\r\nExpires: Sat, 01 Nov 2025 03:22:15 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=RGQtEsNV7ldcDK6t6LLr8V8onYVvqQ5RZ9gS9tgc5C6HFwDMzzfvTW2oKDqioNb49IsnWygbXTW%2BWRRs9mu78BCO8x4MDBgVbIiTQ%2Bzj2FjN9GMIROaOMdWglesMjb6HV5BhOmxiJA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=403\u0026min_rtt=403\u0026rtt_var=201\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=735\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86927,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-03T16:31:39.00937Z","times_seen":125190,"resource_available":true,"data":null}},"time_used":765,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":539,"receive":224,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/statics/intl-tel-input-master/css/intlTelInput.css","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.291Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/intl-tel-input-master/css/intlTelInput.css HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Fri, 31 Oct 2025 15:22:16 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding, Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nPragma: no-cache\r\nCache-Control: max-age=14400, must-revalidate\r\nLocation: /index/user/login.html\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=gaglzkT%2B0iAoORiOLAQt2riwDVcImnEFGRPPsRT%2FuuxlPyEwNFxIjO3x5JU5FoIj7D2952%2B7mIXRhjcXLMiSFSS5ep6OOY9vhM%2BbMey%2B6xU9zXnBbqBdUPEAK0%2Fxu3HqdpE0AxAb1g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 997425983e3b0daa-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=665\u0026min_rtt=452\u0026rtt_var=55\u0026sent=22\u0026recv=25\u0026lost=0\u0026retrans=0\u0026sent_bytes=20374\u0026recv_bytes=4429\u0026delivery_rate=21113001\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-03T16:30:47.886967Z","times_seen":14589457,"resource_available":true,"data":null}},"time_used":879,"timings":{"blocked":428,"dns":0,"connect":0,"send":0,"wait":451,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/swiper/swiper-bundle.min.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.302Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /red/swiper/swiper-bundle.min.js HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:16 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 9974259a6e6db4f1-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Fri, 05 Mar 2021 16:40:04 GMT\r\nETag: W/\"60425ee4-222b9\"\r\nExpires: Sat, 01 Nov 2025 03:22:16 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=6XyRIjhQqcvNHYx56TeKwxJ8tG1YfQt%2BJAClOktoFtLWrgZu3XArE9ITrS2CQZzg2OLTivjsa2Jj6OSzx4ofvcylykoTnWaEz%2FHC7OACfuPZW8wasS2VeUT6ysidg4%2FjuBNOTchjgg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=668\u0026min_rtt=466\u0026rtt_var=160\u0026sent=30\u0026recv=32\u0026lost=0\u0026retrans=0\u0026sent_bytes=31864\u0026recv_bytes=1877\u0026delivery_rate=17854500\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":139961,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65278)","md5":"c4358cb63a4b96c5d71a2fb630871f30","sha1":"be3b7d9d5bbd680d035f768345778d84eb08fe23","sha256":"c26293076ae548cd0614c5946e9c16f34bd7810fd2f63deeaa28df61ce935229","sha512":"35a85c90dfa0ac1e9f4b1bb7bd074a8b20baf6cc235bafb16148da3d55931ad46e89af33508970da09208e166601df250040841d5dc7742b9d6ab9c065a5a467","ssdeep":"3072:U79yoiRfIBB4G+yMwoSpADH79cVOJjBqcxN:k9ytlByMwoSpADH79cVOJjBqcL","tlshash":"9dd3188db354b2e151e72256539ed10263b65845b80ac1a470b68cd7acbde8c03bfefd","first_seen":"2023-03-07T12:20:59Z","last_seen":"2026-05-03T14:45:33.368769Z","times_seen":3887,"resource_available":true,"data":null}},"time_used":1646,"timings":{"blocked":762,"dns":0,"connect":0,"send":0,"wait":607,"receive":277,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/public/js/layer_mobile/need/layer.css","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.306Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /public/js/layer_mobile/need/layer.css HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:16 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 9974259b19c8b4f7-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Tue, 10 Dec 2019 03:14:46 GMT\r\nETag: W/\"5def0da6-148c\"\r\nExpires: Sat, 01 Nov 2025 03:22:16 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=dyQb12fnHyuuys3EqSB5KDVFc5xTVNItUDoA%2Fm8k%2FC2OR1e5r1sm%2Fw6byWwg6MPz3rKJQdOu4bTRY5uPhrrRyGR51arlaJ3TgcIZcAmioONyy4Mu6k0S%2BO4QCyBdeyriOwjoKOztVQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=488\u0026min_rtt=450\u0026rtt_var=122\u0026sent=8\u0026recv=9\u0026lost=0\u0026retrans=0\u0026sent_bytes=3497\u0026recv_bytes=2301\u0026delivery_rate=7702127\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5260,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5260), with no line terminators","md5":"633915e62d14a714594b95b974ee0836","sha1":"e11ebb64a70272c4f35b92fea064f27c4b87efad","sha256":"eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6","sha512":"3a0f469c32521c0fe51838b099650f055410cbdabf64659856e009c8d5e1f3a32fed568832282a92892f1398c8557fe1f64a6a34881f711ecd55b41b054d243a","ssdeep":"96:tJA7fs72Cyf26B6ZtbXBh+Bcw0iZRfcSNHIFSf:J72b5YZtbXucwlrESNoa","tlshash":"9cb1c796989303e8b027c51796dc5efe70388d43915209aef157382fc74bdd9b1b260b","first_seen":"2023-04-07T00:16:00Z","last_seen":"2026-05-02T20:25:38.188105Z","times_seen":4987,"resource_available":false,"data":null}},"time_used":1261,"timings":{"blocked":867,"dns":0,"connect":0,"send":0,"wait":393,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/185563370:1761919705:MxZqvyLLr8YAXUTGoKzRlsbGEKmdiEODiTLiQWH5hWI/9974254e6b6656bb/JFok7gv6kJ6NmyJpBZx0Ix8PwQa4wcFVbRPrw.WWF7o-1761924123-1.2.1.1-iJMYiCAkIvD9pX5LHNrmE8oLspVUuhlByEluhPa9sbFsZUwQorhQUn30xuqXz_CA","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","date":"2025-10-31T15:22:09.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/185563370:1761919705:MxZqvyLLr8YAXUTGoKzRlsbGEKmdiEODiTLiQWH5hWI/9974254e6b6656bb/JFok7gv6kJ6NmyJpBZx0Ix8PwQa4wcFVbRPrw.WWF7o-1761924123-1.2.1.1-iJMYiCAkIvD9pX5LHNrmE8oLspVUuhlByEluhPa9sbFsZUwQorhQUn30xuqXz_CA HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto\r\ncf-chl: JFok7gv6kJ6NmyJpBZx0Ix8PwQa4wcFVbRPrw.WWF7o-1761924123-1.2.1.1-iJMYiCAkIvD9pX5LHNrmE8oLspVUuhlByEluhPa9sbFsZUwQorhQUn30xuqXz_CA\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 37719\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 15:22:09 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: Q0K9W7BQ8vyiyyXMnkFBTbz/Wzh8vKLKgep2CH3PesHEI+qi2xNXXQk8rRisiDcH$GwLRVkX5vcGWHF/fZSlVbA==\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 997425702d5856bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29052,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (29052), with no line terminators","md5":"dee2ad4a8bed5df3823a0eb2d653c23c","sha1":"90184e895abe7ea807cd76c39f65630752cc7bf4","sha256":"cc06119eb9019c4f5e9ec04047e8a108bdb1ec48fc76259cba66abb621718c2a","sha512":"9e496b013aa962cdf97cf99a5342a34ba252fa97b7701fbc3a7c7c161ea419bb4b5d7807a7ac96026bec963de59f532b4f70a733de8d046bd47195edd10878f5","ssdeep":"768:nff1LrqH1399Xz/3z/QCEspM6Cq0JgdlnRnHorqhD14:nffpmH1fXv4J802fIrqh54","tlshash":"b1d2e1c86cf30ee65e9ac66730e0975c8ae1e8b258d14428ddd0adf77cdb0b15425e27","first_seen":"2025-10-31T15:22:47.672662Z","last_seen":"2025-10-31T15:22:47.672662Z","times_seen":1,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,500,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:58 GMT","end":"Mon, 05 Jan 2026 08:38:57 GMT"},"fingerprint":{"sha1":"1E:BD:59:57:1D:85:DE:FA:02:4F:D0:E3:99:CD:8C:9B:62:9E:2A:D4","sha256":"E6:2C:01:FB:2E:B9:ED:F7:DF:AE:35:78:93:C6:BD:6B:FE:43:09:67:54:88:15:D5:34:D6:13:53:F1:93:4A:45"}}},"request":{"raw":"GET /css?family=Roboto:300,400,500,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 31 Oct 2025 15:22:15 GMT\r\ndate: Fri, 31 Oct 2025 15:22:15 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22340,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"272f4d1bd71f769c1d68a20fc73925b1","sha1":"83631762c43a1453589bdf542c4ec309b1305c44","sha256":"bfe3f70239d945b864c31d976d9fc47603acb4809ce64a0d141a14c3d33713cc","sha512":"e40c4fe005c28a396890074c979fd9e6b9711d6a1d757eeb8048292dfc1581a90b23d964f718a1489637bf8a35a1cc55253c4a520ba275b0b5cfc0f75e63aa85","ssdeep":"384:pwf5wgwPwrwyUw/qY4+w4wYwpwfMw1wWw6wyhw/qY4XwNwtwiwfDwOwdwBwyaw/y:pc70afUQRptmJKBLfhQE8YtCR6UfaQ7a","tlshash":"fca2eda1041740009b835ce223cebf35fe5f92117141d0b9abfd9b6badcbc6652693ad","first_seen":"2025-09-08T23:33:19.770085Z","last_seen":"2025-11-18T23:51:39.525584Z","times_seen":7260,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":158,"dns":0,"connect":15,"send":0,"wait":34,"receive":0,"ssl":154},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/bootstrap/js/bootstrap.min.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.300Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /red/bootstrap/js/bootstrap.min.js HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:16 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 9974259a3f3ab4f4-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Sat, 06 Mar 2021 03:08:34 GMT\r\nETag: W/\"6042f232-f7eb\"\r\nExpires: Sat, 01 Nov 2025 03:22:16 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=K67olmo7JgLYJ9maq%2F7LL9EM0YdNB6swrYou675mh0VsA0kB6FHqCnIrL1pbsMElo%2Fq4eydoZysq8f27EYBVc06rCB4DTh2ZJUca1VTI4qr6aZFVOgEKNj5NUu4mu%2B6qsf0RXGZlGQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=657\u0026min_rtt=403\u0026rtt_var=53\u0026sent=33\u0026recv=32\u0026lost=0\u0026retrans=0\u0026sent_bytes=34373\u0026recv_bytes=1480\u0026delivery_rate=22091539\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":63467,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63188)","md5":"f0c2bcf5ef0c4476508d79ec9cdcce07","sha1":"3beed68ed7d753c6bf4f61c26386ddd7929ba030","sha256":"edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba","sha512":"5ca6bd1de99dcb5522dca486809760332625520d6033e4212fa7279724dedaaccc0989b89c06753ec55ead0cd34d7ce89d447e766b301ea8093eec02ab531a02","ssdeep":"768:0KD1OYYUhTVvO1Nn6u7MTLOarIkSsBAiAH0FcQ2K8FXsb6mH/3bz5vhCG:0G1T145KVdsXc/hhCG","tlshash":"a453750672a4f472059fa176803b0a0bb7362c9de506b16cbad998dd1f7cd443267f3a","first_seen":"2023-03-07T01:03:47Z","last_seen":"2026-05-03T14:02:46.575613Z","times_seen":9881,"resource_available":true,"data":null}},"time_used":1390,"timings":{"blocked":738,"dns":0,"connect":0,"send":0,"wait":486,"receive":166,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/main.js?v=V1.24","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.310Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /red/main.js?v=V1.24 HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:17 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 9974259debf15a0f-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Wed, 19 Jan 2022 05:58:46 GMT\r\nETag: W/\"61e7a896-269b\"\r\nExpires: Sat, 01 Nov 2025 03:22:16 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=oN1k9cWBMQ%2BG0eZI2O4VodsiDZ8opQjIC9qTWHI8lMnoSWEOGjk0IkS2tT842io55nxYFi2LeVLQ7KltnkcUV5IZgQPQnry%2FPegLtaxuAMCH9aVkR1ZxFHLKRHXbjZvlqBwZmhCKzA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=620\u0026min_rtt=461\u0026rtt_var=232\u0026sent=20\u0026recv=13\u0026lost=0\u0026retrans=0\u0026sent_bytes=15410\u0026recv_bytes=2963\u0026delivery_rate=10477568\u0026cwnd=253\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9883,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"5459bfb3c913c348bc765e0046c99cdd","sha1":"7d40e6df5997f7df0baaceb857546018dcd80520","sha256":"ac222d136784de2fe2d4615e2ad86651b3310bbc7538a851d708d381b8443dc5","sha512":"11125f21d71c289d0155025ba1eebd1cbc65dd348edc9f3e483413f13a0db32a2d38068d3de792077c3b01bbd0eb703616a2cd7bedb54caeb1e86b44d0152e63","ssdeep":"192:IQ3p3BwRH5w0rpCBmWO/6+cbmLGSr+gCpeMQlE/Dq:IQZxkHIhSKrlm","tlshash":"7b12341874f2502241bf383fbabf93887536424b654eee117cad56d49f2077c6272ae8","first_seen":"2023-03-07T14:05:37Z","last_seen":"2026-04-13T03:57:51.201786Z","times_seen":1133,"resource_available":true,"data":null}},"time_used":1720,"timings":{"blocked":1312,"dns":0,"connect":0,"send":0,"wait":408,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/static_new/js/common.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.309Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static_new/js/common.js HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:16 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 9974259d8bc5b4f7-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Sun, 29 Mar 2020 13:03:20 GMT\r\nETag: W/\"5e809c98-84e\"\r\nExpires: Sat, 01 Nov 2025 03:22:16 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=otrQJ6YY0onOcJT%2Fa8vc%2Bj8tASPmjOnpV2L2CfgTP6riKKQ4OPFPT6BX%2FoWOfTRxWmrH5qsDH2fMGrI4G8EzxdyE8I63rRgq%2B%2BjviF4fH04SCkgIHiFSgaUW%2B6tpel9hJ8dzJDu8PA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=511\u0026min_rtt=450\u0026rtt_var=137\u0026sent=12\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=5963\u0026recv_bytes=3036\u0026delivery_rate=7702127\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2126,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"406be4345cfb532036cad97a814bc41a","sha1":"675d6a1546566c56cbfdd718373b19f26f79f3bc","sha256":"c086a692a01d650dccb602faf9fbea54f920546532821ad19cdefeb750eea586","sha512":"5302c295510779f41fd7491683e0e727636a1ffa702174f6f196db8edbf305c742e3ca63c7d089dd9c6d558f1a542ea3fa041cf4ed3859ba652d07296fd85de3","ssdeep":"","tlshash":"0c418849bea92973012ef3694a2f9227d9375027ebdd80407d0ec5801b305cab59ee8f","first_seen":"2023-03-07T01:20:30Z","last_seen":"2026-04-23T16:06:14.56615Z","times_seen":1597,"resource_available":true,"data":null}},"time_used":1694,"timings":{"blocked":1258,"dns":0,"connect":0,"send":0,"wait":436,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:16.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:57 GMT","end":"Mon, 05 Jan 2026 08:38:56 GMT"},"fingerprint":{"sha1":"50:87:4B:4E:FB:30:AB:11:12:23:8E:8F:6B:DB:F7:6D:9A:37:CE:D9","sha256":"E1:35:48:CB:CA:92:00:73:EB:EA:EF:E9:B3:8E:D0:29:54:33:B5:C7:4E:73:DF:B7:7C:F8:B6:07:E7:AD:8C:24"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://sssdd.2bkg7eusoa.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 27 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 27 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 317079\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-03T16:31:57.825615Z","times_seen":784851,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":106,"dns":0,"connect":0,"send":0,"wait":16,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/185563370:1761919705:MxZqvyLLr8YAXUTGoKzRlsbGEKmdiEODiTLiQWH5hWI/9974254e6b6656bb/JFok7gv6kJ6NmyJpBZx0Ix8PwQa4wcFVbRPrw.WWF7o-1761924123-1.2.1.1-iJMYiCAkIvD9pX5LHNrmE8oLspVUuhlByEluhPa9sbFsZUwQorhQUn30xuqXz_CA","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","date":"2025-10-31T15:22:04.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/185563370:1761919705:MxZqvyLLr8YAXUTGoKzRlsbGEKmdiEODiTLiQWH5hWI/9974254e6b6656bb/JFok7gv6kJ6NmyJpBZx0Ix8PwQa4wcFVbRPrw.WWF7o-1761924123-1.2.1.1-iJMYiCAkIvD9pX5LHNrmE8oLspVUuhlByEluhPa9sbFsZUwQorhQUn30xuqXz_CA HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto\r\ncf-chl: JFok7gv6kJ6NmyJpBZx0Ix8PwQa4wcFVbRPrw.WWF7o-1761924123-1.2.1.1-iJMYiCAkIvD9pX5LHNrmE8oLspVUuhlByEluhPa9sbFsZUwQorhQUn30xuqXz_CA\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 4023\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 15:22:04 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: nSPjFlT/CzlORuAQbSGpq7WtD4kPnlPwWG5S0yTASnQGMDI5cKz4R1zZ+JXW6Ldw40FIQDvQAXHPMPQR/KE79BBaxYL4prPmlSieZDriWNLjXyYE9AaeMzY5496Xlz5hqv+dxMn0uQd209vrH2ljR5xHiHvaLyyPBB1N44BCX4EWV56yvC1k0ZEA4bFBhxPOYiuHzjRAWlRJgugx04/Vz3xCLWEICMpferTof1aUSnJq96uAppJT6sYr8ckCr23kOy5kr15Ecr9V43TPGpgkczSzuZ3lfp9wjStxnVxeMlz6aqk01JJ6HsK48ivqOxk/rAv/mFmBK6fA3Oi1XMshmv4G3rh8Rxqs1uWEvQhDiiGj+Pyki0fa5x4+bzbp5J1d+p87eWVa6/WCDeza7Kiv77xCdIeezzLLzwZQABHc/w9kekuURcDjV4eaXYHRi5/ZK7moBn1wSK2b89B3JBXJuPCOcWQBkhCOI6LY8O4LNiJzGCB2pJZhrhr3IvHMmulkZqMqKfI87oJ9WWoNoOrQfSQxiqofVQI3QwpYclpGh7Q3siFemCRocvKj0hZCndEgcX2f6Z1iIJ1A4IV5TEmAZL/SER61tTZXK1VJz1dl8OBH2H1GUgjBQ+/ZSvnYIoCuZzecNc/RkSNvv+fxUJrGu7ercRWN5YYxuH41jpdMayg3DjhocW8qnkq5npU7+SSR3YuMc92HsZw5Wy07wuupDl3VfcRWl+RgYVBVlYWv5Rzfo3aUVFxG0B2+NOqfP0+eYyZ2otniQYjJ33oyOdkQ8Q==$wrZvntlBTw2Yxx2ads0+jQ==\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 997425514e5d56bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":264684,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3bdb745953162e4ebbc53ab6e679aec2","sha1":"4a02fb78385ef92f6af643b3842116a8e48b88e3","sha256":"a48e64b9ac62af69ce2fb8aa481151642a63ce3982e22f9d5e91f1499f5c0946","sha512":"d07cce5c3940bda7808ae5f447b0553a3a6bd4b6377bf41ba0a45acf2a719b9e70f722312031599e5235c0db7ed5534d7228b0d532d290be39502343acf1a559","ssdeep":"6144:CU49QdAeOg6tmCSP6+/avvnBiMFjhLweE182bcsj939M3:C/CAeOgOSP6QavnBphLwUAbJNM3","tlshash":"ef4412130ea93fe70bae603d13471e849c56b0cb6820f560fb221a97ad4ed7de5b451b","first_seen":"2025-10-31T15:22:47.67603Z","last_seen":"2025-10-31T15:22:47.67603Z","times_seen":1,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":74,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/static_new/js/jquery.progressBarTimer.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.308Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static_new/js/jquery.progressBarTimer.js HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:16 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 9974259d4a7356a9-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Sat, 03 Apr 2021 06:32:48 GMT\r\nETag: W/\"60680c10-784\"\r\nExpires: Sat, 01 Nov 2025 03:22:16 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=cVoAlfSwngPEO40GnJddH7PUszDSiSK82uxZzztXPFdNStDscP8HJFpEDiDbV4N99UlwMlQYJJ0v83xLEWWQHSUGeMoKAbibCna77czbtFKc7FDrnEEcXl6b9ObZPuUzze7037%2F3zg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1379\u0026min_rtt=500\u0026rtt_var=1270\u0026sent=90\u0026recv=57\u0026lost=0\u0026retrans=0\u0026sent_bytes=98793\u0026recv_bytes=11950\u0026delivery_rate=32572597\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1924,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1924), with no line terminators","md5":"1a401b07e6aa47e4f56ff8e7d2348630","sha1":"326693fc17ae939593fae2b19ed7a8d7b37c5c82","sha256":"9483950e2ce19786e44c4fd03b523e94537bf19da885693a9eb0756ab8c183ef","sha512":"0f279c0c4463125a8c46766a6d02256eb55301ca8a3ea235e3723d8b7391e792bca1da9c027f773db7021b54a3d51aec5b9a78afd6dfeb81884cf5ce5404aeb6","ssdeep":"","tlshash":"b2410c05f3a31a8d00ea66706027124e6213000b0566b12c7b7ee5dbed7af6c307abfd","first_seen":"2023-03-07T14:05:37Z","last_seen":"2026-04-23T16:06:14.599278Z","times_seen":1472,"resource_available":true,"data":null}},"time_used":1622,"timings":{"blocked":1221,"dns":0,"connect":0,"send":0,"wait":401,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/favicon.ico","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:17.139Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:17 GMT\r\nContent-Type: image/x-icon\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nLast-Modified: Sun, 05 Jan 2020 13:07:52 GMT\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TwlCV4gxvo4RXPc91VYYFsuPOkHcxvtE3ZkL2bNOkYJfCIOkfvghuD3ou8ng7CA9yf2WWUf4u9qPJZMAL%2FgYwbWSeZfQfPtVNgEbaN32siWNow%3D%3D\"}]}\r\nStrict-Transport-Security: max-age=31536000\r\nAge: 13\r\nCache-Control: max-age=14400\r\ncf-cache-status: HIT\r\nETag: W/\"5e11dfa8-2e49\"\r\nContent-Encoding: gzip\r\nCF-RAY: 997425a11e1a56a9-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11849,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 89 x 101, 8-bit/color RGBA, non-interlaced","md5":"d22689c044f347076d89a6ca4feec5fe","sha1":"12c64d90cc1efcad4420de27dccae4535eefa8bc","sha256":"f1eff40ca74ef3471e7a148f564bb74d95454885320df9ad51bc441c991ab1bb","sha512":"23f66840cf4ca0787ab2e09968da1fa34ac86bf83ce0ad090d82e45f65dbf75a2228d9907bba36fc27ae36914776b727a263a37758054dbf3a90696dae493a1c","ssdeep":"192:7GAT62e7INHDzBLcdVIqXy24unSOu2tGGDrYWyBiSQ8GMnw4u48V8/sse+CQHp0G:BTDz9cLIqXvDnmwrYWyBiJnMwEk4JrN7","tlshash":"8332bf21571b2cc186e4dd317fb979e4145222ca523170482728f3a6f6b4d2e5f6bca3","first_seen":"2023-05-01T23:17:15Z","last_seen":"2026-04-23T16:06:14.568122Z","times_seen":1951,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:03.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/hxclz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 31 Oct 2025 15:22:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npermissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\ncontent-security-policy: default-src 'none'; script-src 'nonce-i7a4KHK0koqzzoZY' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nreferrer-policy: same-origin\r\ndocument-policy: js-profiling\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9974254e6b6656bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":165223,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"2f663dfca399ba4866887596de7b14be","sha1":"4b6d94c671c85dc272d242e289877f2c2ec30bdf","sha256":"de032275905438b858d33453a0bfdb110d9dd5148509b2402c4f98a6a5c5dbb9","sha512":"c24c3043476cf4b0fec7be61e0fea802a645998e12e455cf01535f906e7d5cff74ba06079dd92ead69be07c4a15c015450d6f3f65d9981975ba5be39c8121b33","ssdeep":"1536:Wrdba3m/bo1aMjlhaK6zrN2ftejHAsp22ITD9ecEHa7A4uU2gpKPoo/5CIpSW+kx:WZzc1awTaKPAYTpepHaehlzNCN3N5efz","tlshash":"15f3194b69ca7696236664ac402334ca627f6cc83458a97df344f5f47cd93183ae3eb4","first_seen":"2025-10-31T15:22:47.677555Z","last_seen":"2025-10-31T15:22:47.677555Z","times_seen":1,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-31T15:22:14.795Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /index/user/login.html HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html?__cf_chl_tk=pIwgzDyBBcUhl0Tt93Lkd6K30N3_aUis7bY4m0znhp4-1761924123-1.0.1.1-pl3xPi6wqXoubXLawcPOgelKN6D86LVPU9x5p8CxxqE\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 2350\r\nOrigin: http://sssdd.2bkg7eusoa.top\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:15 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding, Accept-Encoding\r\nSet-Cookie: se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7; path=/; HttpOnly\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=GlbPWvAKI5I%2FLsIYI1Lr4Gp9bTU%2Ba7TU6xNeNWD%2FBIKUf2apJ7%2BpVojBGNwtf4mjKvsBJBs3fXJ2%2B%2BsNY1jMCdFJAdoiliBprXfOPY0%2BH6EZfbWsnCK5M9xUK7j5IJJoItJk2XRb0g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9974259279a856a9-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1160\u0026min_rtt=512\u0026rtt_var=245\u0026sent=55\u0026recv=31\u0026lost=0\u0026retrans=0\u0026sent_bytes=63409\u0026recv_bytes=9704\u0026delivery_rate=32572597\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8913,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2438)","md5":"60881341b38e6b719d3bad123bdd2a4e","sha1":"f5b307300eeb64066cfeab466154a59d9cfcffe3","sha256":"c94c3fdde438c72082340a09d95cbdc6d5efaecfb61864df8b639b16a3f84a59","sha512":"6a020494d3586e4537fb9cee7270d7f3832003c7d297902a7576e354936cbe06d58e1933cb0705eda1d701658b0f0260c20d9ed8ef0022ff52df2789ab298e6f","ssdeep":"192:yuB90N0Oydd2J5obDJcbYgMVFZUCfw+hFOmCb1S3B:Nad2I5ob+kwCbFOy","tlshash":"4b02b734e992962712332cac75bab319b06bc10fda0bed047aec27d45fe9d588671b44","first_seen":"2025-10-31T15:22:47.67866Z","last_seen":"2025-10-31T15:22:47.67866Z","times_seen":1,"resource_available":false,"data":null}},"time_used":423,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":422,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/bootstrap/css/bootstrap.min.css","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.281Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /red/bootstrap/css/bootstrap.min.css HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:15 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 997425956c1e56a9-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Sat, 06 Mar 2021 03:08:24 GMT\r\nETag: W/\"6042f228-27681\"\r\nExpires: Sat, 01 Nov 2025 03:22:15 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=YdRgDvrJjSzEnwMiR2tBxlyMATFY9WgkjS2KkMEk%2FUEuefDEHhqeDNDT5WGy4QdZn9EzyQpGw%2Bh4jVqfIB7EAabGhi%2FvTDPAN61xYNQ020R7laZThVDuF4CUp%2Br%2F%2BY30GGWkS5BrgA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1086\u0026min_rtt=512\u0026rtt_var=244\u0026sent=60\u0026recv=34\u0026lost=0\u0026retrans=0\u0026sent_bytes=67419\u0026recv_bytes=10466\u0026delivery_rate=32572597\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":161409,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65326)","md5":"d432e4222814b62dd30c9513dcc29440","sha1":"2cac4afc120983921411296bd4e8fd8a94ba237e","sha256":"4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601","sha512":"3f9320327d6304dd356ac060534cfad10938431897a3cebec2515a84aaec41fdfb73d72ba39d7b5b35523cf575b432b3864bb6889d855602faef01b4dd21a734","ssdeep":"1536:iC7AIJkTR+rMqFVD2DEBi8yNcuSElAz/uJpq3SYiLENM6HN26R:d7XXGLq3SYiLENM6HN26R","tlshash":"8cf353a6f5a0312de4a7c61964d0bafd152f8245d7224bfbf8273b6447892c70a73e4c","first_seen":"2023-04-05T05:11:52Z","last_seen":"2026-05-03T16:01:26.885582Z","times_seen":12461,"resource_available":false,"data":null}},"time_used":832,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":610,"receive":222,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/statics/intl-tel-input-master/css/demo.css","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.295Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /statics/intl-tel-input-master/css/demo.css HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Fri, 31 Oct 2025 15:22:16 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding, Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nPragma: no-cache\r\nCache-Control: max-age=14400, must-revalidate\r\nLocation: /index/user/login.html\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=NW32fbnsb9D8dpWO1mnbKZYo4jC6TNHgn6mdZga84qTN%2B075x1KHK8MH1xGNP13UZSlmRTh92t%2FGv2JzKC7KJKDn2A2kaR76xM9lVBzGnVUO70pZHVaYtbcCz3fJ22FnAJvnDMfEbQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 997425985f85b4f7-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=478\u0026min_rtt=450\u0026rtt_var=137\u0026sent=5\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2454\u0026recv_bytes=1537\u0026delivery_rate=7702127\u0026cwnd=252\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-03T16:30:47.886967Z","times_seen":14589457,"resource_available":true,"data":null}},"time_used":877,"timings":{"blocked":443,"dns":0,"connect":0,"send":0,"wait":434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/logo.jpg","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.298Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /logo.jpg HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:17 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 51614\r\nConnection: keep-alive\r\nCF-RAY: 9974259dec8c0daa-OSL\r\nLast-Modified: Tue, 17 Jun 2025 16:37:24 GMT\r\nVary: Accept-Encoding\r\nETag: \"685199c4-c99e\"\r\nExpires: Sun, 30 Nov 2025 15:22:16 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\nStrict-Transport-Security: max-age=31536000\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=W3aqigvi9eZngUxBIsxyBO6m7JCqctgWkBDcyAjTMnrrXbg8vIF15VYY0Yl8uacQtwqqOZhtUfESv42O1SQVyJygjN8aCYAiyKCJ6rkTw6PK4NBXSFulrBYAcF7wb%2FTPsQ3nro5Rcw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=659\u0026min_rtt=452\u0026rtt_var=57\u0026sent=33\u0026recv=29\u0026lost=0\u0026retrans=0\u0026sent_bytes=28836\u0026recv_bytes=5910\u0026delivery_rate=21113001\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51614,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1001x1001, components 3","md5":"42014cd70cd1e14239167de530714f8c","sha1":"0cb9b804e9cd0553c8f3752bb419e115a15f1dfe","sha256":"27e7b76ad01eb0b5272766df43fd6c624eaf00438d69dadcaf673df43c922f64","sha512":"58039ed32ff19e28b22f51cd6f912db60d0c19cac585695c0e9f547b2b128655e1028da27fa56291b3d0f0e1acadc01111096ec1882d6b0653ee98492db6be13","ssdeep":"768:8ewKQoLhL8rASd9VUrDOIDLgdtZV1JFVrpK8kn2C6z6MiXhldDs809wrN+:tQoSL8OIDLgdtZV1xrrHz6njP0arN+","tlshash":"6b33d167db4907bfe49c36b581f76240af3ea033531327470f82a6a135b2b4bbd25526","first_seen":"2025-10-31T15:22:47.680172Z","last_seen":"2025-10-31T15:22:47.680172Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2155,"timings":{"blocked":1332,"dns":0,"connect":0,"send":0,"wait":481,"receive":342,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/popper.min.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.299Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /red/popper.min.js HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:16 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 997425986eba5a0f-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Fri, 05 Mar 2021 16:34:56 GMT\r\nETag: W/\"60425db0-520c\"\r\nExpires: Sat, 01 Nov 2025 03:22:16 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ebTCZrWeFu0229QpyIv72XkGKwvxBF50eSTIg%2Bbye4Oq7AhP7g7H1bvPM12z9zwwxam2ywIqsYc%2BECnOBI0SWLec7%2Bm%2BpPo6B03pYQKzBCnN8HuBJ4zjOk%2Bq2PuXaxUKAkw75DeO4A%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=496\u0026min_rtt=461\u0026rtt_var=118\u0026sent=6\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3700\u0026recv_bytes=1489\u0026delivery_rate=10161403\u0026cwnd=253\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21004,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20831)","md5":"56456db9d72a4b380ed3cb63095e6022","sha1":"6dbce88aee15b42f29083df7a07513cf3b486ba0","sha256":"66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2","sha512":"e56bd96b837b26add354d0a9e2b8dc04c95cea94f7959ee05718ed23a224296fae22d49afab160b45963bd99c2c501a3f12517e431eb68a13a327ff8b262b50a","ssdeep":"384:kmQkLrwVOyzirVyKnxRsIB9Db5HjiWn8xHOxvRVgD75zBY5vImg3FzGpL9ARdOgS:vLsgyziJp3Db5OxHOxvYD73Y5vQzyL9p","tlshash":"1992b4cc3294b06643a791a7a0af960fb2339875610e9410f19df2d97c30ef9a13bc79","first_seen":"2023-03-07T01:06:27Z","last_seen":"2026-05-03T15:58:23.659573Z","times_seen":17626,"resource_available":true,"data":null}},"time_used":892,"timings":{"blocked":443,"dns":0,"connect":0,"send":0,"wait":448,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/jquery.cookie.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.304Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /red/jquery.cookie.js HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:16 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 9974259a988256a9-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Fri, 05 Mar 2021 16:36:06 GMT\r\nETag: W/\"60425df6-c31\"\r\nExpires: Sat, 01 Nov 2025 03:22:16 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=XYxluVuztC2iAQDgAL2fLK3SaHBObBETzZtGOhB%2B7Yzxufh4myDIKl%2FyK%2BKaUch5p6eeryugiQyuCEEE0aj4ybqzIYixriBnLcrqzNgvV9KgvzuAScFz%2FDINV1uI%2B8s4ET4yggHcTg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1524\u0026min_rtt=500\u0026rtt_var=1843\u0026sent=86\u0026recv=55\u0026lost=0\u0026retrans=0\u0026sent_bytes=96317\u0026recv_bytes=11198\u0026delivery_rate=32572597\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3121,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"ff516650b7cc361e06ab22516b6f10ace63cff721158449d881965f82cb0c7bdb6bd6a","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-05-03T15:45:06.266544Z","times_seen":16048,"resource_available":true,"data":null}},"time_used":1224,"timings":{"blocked":796,"dns":0,"connect":0,"send":0,"wait":428,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/public/js/layer_mobile/layer.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.307Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /public/js/layer_mobile/layer.js HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:16 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 9974259b3d6e5a0f-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Tue, 10 Dec 2019 03:14:46 GMT\r\nETag: W/\"5def0da6-ce8\"\r\nExpires: Sat, 01 Nov 2025 03:22:16 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=TJ92Ka7%2F8%2F1NLjPYPs6G9R5JmwVw%2B1wnd8hTp2005rBf1gHXOHKQxa2ZQLpHscKRwtnZgaXDdgo%2BAraENxaMrT8Yjv1pjLuFQhL9%2B6D0ChAkjortjIU46g4sfK9DGZy9VsKPEL66Tg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=608\u0026min_rtt=461\u0026rtt_var=279\u0026sent=15\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=12753\u0026recv_bytes=2232\u0026delivery_rate=10477568\u0026cwnd=253\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3304,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3204)","md5":"79b7829af0bbfea5760aa606bf1a02c7","sha1":"54c27862e41ef815009fca7b54d9d463cfb015bc","sha256":"2fc4428e63cd5bd982210576674877bd1ba3eb59b9f4686d3668fd94530fa4b7","sha512":"dc634dfed7b74ba81193c8362188ab44430b00ed4dcc93dd4a68c22de03157b2b9ac611139cb5a5f3a63a6d7472445e8e08e87318514560f5f2231898a4032d1","ssdeep":"","tlshash":"7f61a676f10176b7661320c4e06f690fb6775151b2008840e0e5e5aeaafed0ca87bf5d","first_seen":"2023-03-07T01:34:12Z","last_seen":"2026-05-02T20:25:38.177909Z","times_seen":4582,"resource_available":true,"data":null}},"time_used":1314,"timings":{"blocked":885,"dns":0,"connect":0,"send":0,"wait":429,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/static_new/js/dialog.min.js","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.305Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static_new/js/dialog.min.js HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:16 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 9974259b0cf30daa-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Sat, 15 Feb 2020 10:13:12 GMT\r\nETag: W/\"5e47c438-6cfa\"\r\nExpires: Sat, 01 Nov 2025 03:22:16 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=%2BgSflVUSpRS0cqdbuMhO%2FYXEyjlPhdh9X3Dw2jcqmGNTGC%2BDGQbqwtWyJmLB09UG8jre%2FWapze52CKRdlq5VX3fXKPyb3AW5dKlfvETfW8bg70JS6ardpejKUnZ26jMGXos%2BZ7pjjA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=652\u0026min_rtt=452\u0026rtt_var=56\u0026sent=25\u0026recv=27\u0026lost=0\u0026retrans=0\u0026sent_bytes=21428\u0026recv_bytes=5168\u0026delivery_rate=21113001\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27898,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"5b00205ad1fe51bf8f61bcb3de292faa","sha1":"4b12f988964d29bd82b14e71b86104a1a91b667b","sha256":"d1eef2b2ff683e089b9d124aa8090e174252e0894af20ae6d78fed7dc69744d5","sha512":"4b4d16845173e2fdf03eda7f3d3c1750f5a5c7016850a658ac290ae44d079e8f91f6767d4bf6771846890739371aa443f349384144e9f59922c9c2f0974e224f","ssdeep":"192:8792uFckSv56nit+FETsYnZpeVbMcMtUqVbMcvwpNDygwNAZPPrxmjp4axgVVHpD:kHC8u6fRVFObkcobwhUi2VHEaLgiz","tlshash":"cbc2322465eb21964a73f83687ab3112f2270013941dfe15397f465c0fe4b3876aafe6","first_seen":"2023-04-07T00:16:00Z","last_seen":"2026-04-23T16:06:14.560206Z","times_seen":3676,"resource_available":true,"data":null}},"time_used":1324,"timings":{"blocked":866,"dns":0,"connect":0,"send":0,"wait":458,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/materialicons/v145/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:16.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:57 GMT","end":"Mon, 05 Jan 2026 08:38:56 GMT"},"fingerprint":{"sha1":"50:87:4B:4E:FB:30:AB:11:12:23:8E:8F:6B:DB:F7:6D:9A:37:CE:D9","sha256":"E1:35:48:CB:CA:92:00:73:EB:EA:EF:E9:B3:8E:D0:29:54:33:B5:C7:4E:73:DF:B7:7C:F8:B6:07:E7:AD:8C:24"}}},"request":{"raw":"GET /s/materialicons/v145/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://sssdd.2bkg7eusoa.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 128352\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 29 Oct 2025 20:58:54 GMT\r\nexpires: Thu, 29 Oct 2026 20:58:54 GMT\r\ncache-control: public, max-age=31536000\r\nage: 152602\r\nlast-modified: Wed, 17 Sep 2025 16:29:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":128352,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 128352, version 1.0","md5":"53436aca8627a49f4deaaa44dc9e3c05","sha1":"0bc0c675480d94ec7e8609dda6227f88c5d08d2c","sha256":"8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1","sha512":"6655e0426eb0c78a7cb4d4216a3af7a6edd50aba8c92316608b1f79b8fc15f895cba9314beb7a35400228786e2a78a33e8c03322da04e0da94c2f109241547e8","ssdeep":"3072:b4XkN5u3RbAR2r4lJ8FBnP7fNblbKBRvqy:fGdA8FBP7fNb5y","tlshash":"91c3231efc32af9a2e1724ec288521809c1e92fbe0b3512cf565f437e76517d999ca09","first_seen":"2023-04-05T13:19:11Z","last_seen":"2026-05-03T15:37:41.562976Z","times_seen":55553,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":103,"dns":0,"connect":0,"send":0,"wait":47,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sssdd.2bkg7eusoa.top/index/user/login.html","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"104.21.75.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-31T15:22:02.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2bkg7eusoa.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 06:05:21 GMT","end":"Thu, 22 Jan 2026 07:04:02 GMT"},"fingerprint":{"sha1":"3F:11:6C:A7:64:9B:CA:97:AC:35:70:93:7A:6C:74:69:44:5D:C1:D2","sha256":"73:0C:6E:9F:8D:4A:EA:32:A6:BF:22:50:80:BE:AD:BF:EE:C1:96:1E:81:67:08:F1:A7:67:13:01:EE:92:9E:F5"}}},"request":{"raw":"GET /index/user/login.html HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Fri, 31 Oct 2025 15:22:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=nhr8Qn80%2FxeIGM6NJ%2BLFTkLURiAEXhhMWGC3%2FOj%2Bx15NpGJfuGVmPOZfYI1ib%2BXCH%2BSq6lPxyny%2BAcvi0DeVZZikRsVd7pnWJWkWpKyctIXhiWVeC3b6JiNGC4QLZ%2ByDW6LzcSIQYQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 997425492c4bc759-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: chlray;desc=\"997425492c4bc759\", cfL4;desc=\"?proto=TCP\u0026rtt=468\u0026min_rtt=392\u0026rtt_var=157\u0026sent=6\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=3260\u0026recv_bytes=1276\u0026delivery_rate=6776911\u0026cwnd=253\u0026unsent_bytes=0\u0026cid=de0d0b46f74bded6\u0026ts=49\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7758,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (7758), with no line terminators","md5":"539481fa431ac110a46b42e84cf1a36b","sha1":"5658601176eb5c06c0615f9e08ad017b7d822744","sha256":"7507665ee65ef5f5a40465a982407aeb9dd81ea08e38a13f65dbfcdc4a7d0280","sha512":"750ae9d3d822f293770d893da8e898f93e0f373a852073d26ba75311d5055012ec9d94310e6ba80c8e0224da78482bb215400ac12d74c308a896ba70d6f4907b","ssdeep":"192:PNadBk+8E7REJ6NZV79TH60Y6V4IWyF+JpZK6AyBw:0IxWHh+B3yF+JTK6hw","tlshash":"d5f16dd7940a501fa2bf5ad089ffb7048221f194c60ed2bde5f3a8accad9e4385606d5","first_seen":"2025-10-31T15:22:47.68398Z","last_seen":"2025-10-31T15:22:47.68398Z","times_seen":1,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":69,"dns":51,"connect":1,"send":0,"wait":34,"receive":0,"ssl":15},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-31T15:22:03Z","timestamp":1761924123,"ip_dst":{"addr":"104.21.75.182","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":51128,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-10-31T15:22:03.224068+0000\",\"flow_id\":43717735738613,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":51128,\"dest_ip\":\"104.21.75.182\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"sssdd.2bkg7eusoa.top\",\"url\":\"/index/user/login.html\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":698,\"bytes_toclient\":2407,\"start\":\"2025-10-31T15:22:03.191733+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/cdn-cgi/challenge-platform/h/g/flow/ov1/1409629024:1761919705:0jsWkLYhDE7pwKOflQnvhftYZnAfDL5nRWFnQ-Zr79Y/99742549f86a568e/0nnUE4_.zhz6KWAD8EH2ShktGmvVA_F0LXAoZgFZUdY-1761924123-1.2.1.1-P5irEiY0IbCgfhaoDTLDlNak_cMeYF_P8hywcAes5sShgzneZXPD849hvcBXiTgk","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:14.682Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1409629024:1761919705:0jsWkLYhDE7pwKOflQnvhftYZnAfDL5nRWFnQ-Zr79Y/99742549f86a568e/0nnUE4_.zhz6KWAD8EH2ShktGmvVA_F0LXAoZgFZUdY-1761924123-1.2.1.1-P5irEiY0IbCgfhaoDTLDlNak_cMeYF_P8hywcAes5sShgzneZXPD849hvcBXiTgk HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\ncf-chl: 0nnUE4_.zhz6KWAD8EH2ShktGmvVA_F0LXAoZgFZUdY-1761924123-1.2.1.1-P5irEiY0IbCgfhaoDTLDlNak_cMeYF_P8hywcAes5sShgzneZXPD849hvcBXiTgk\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 4407\r\nOrigin: http://sssdd.2bkg7eusoa.top\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:14 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncf-chl-out: fJ6mGL/oaJKRvVwuuVKaZQ5qGPf9qEk/ydSf0G59cTEl269dHIWJRdNa+MkbuJpnfchUgtgIIc/PDefF7mx5YA==$Nk0dAAUxUgd5kZXpk62PGg==\r\ncf-chl-out-s: AAPOS7XBGzGT973Tu4MXVaAiUu0kwFT4PfX8NfaidvmSFQ9SXEqjmroYDUYovhrkMbiwraDFDFL8s0r7zLUJcHLNxd3a4b4tmR9FBDhvjXEkcExPNATJ/9EtHKMWQR5fcTc5AUFsoC1K5jHmCZPiJBv/dRF5bArDZCbuwvPDgCiKsFemCoyhB5BDPhlbjX+OJZSpHlT4JQKmjOJzzc5rW1pcre8QRX8dzpkImrnmhm/bV9a5xD3qyKeE6yxcXZU9fi8a3FtWfNsjKu6wMtj6P5zak331quwYVj4qSxSh85g=$N/aVLclEJ/8pQMZ8n7/SSg==\r\nContent-Encoding: gzip\r\nServer: cloudflare\r\nset-cookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; HttpOnly; SameSite=Strict; Path=/; Domain=2bkg7eusoa.top; Expires=Sat, 31 Oct 2026 15:22:14 GMT\r\nCF-RAY: 99742591c92856a9-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4168,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (4168), with no line terminators","md5":"c76f2d6a3508f296857974d236fc8aa7","sha1":"a60ef75d6e20a28aead01ffe6695a5d456b3a444","sha256":"aafb8610050b653665b3f559bb064b27c86d7fadd490d6e0e12d443cde488c4b","sha512":"f155ec1278bf05553803dd6f891ab545c8b762352c13b7f5aa62ada58c2b130dda8fb9b49a4104238dfee45f6c72ba1357ded626c22906ca72399b65ebc06da2","ssdeep":"48:LcH4TVmAOeASrFNtI/22HcPbyHgxmQhxu4y6e1vNmNUlEPpVwVdhXetg7sH7Wdbd:gH9r4rexcjAgzru4Le1akEPj4OBWSrhQ","tlshash":"3a817f45d2c7b9894c61f5bf5443ef032861c93792b7e04ee6c91f479d06987700556b","first_seen":"2025-10-31T15:22:47.684833Z","last_seen":"2025-10-31T15:22:47.684833Z","times_seen":1,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sssdd.2bkg7eusoa.top/red/swiper/swiper-bundle.min.css","fqdn":"sssdd.2bkg7eusoa.top","domain":"2bkg7eusoa.top","tld":"top"},"ip":{"addr":"172.67.180.27","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://sssdd.2bkg7eusoa.top/index/user/login.html","date":"2025-10-31T15:22:15.283Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /red/swiper/swiper-bundle.min.css HTTP/1.1\r\nHost: sssdd.2bkg7eusoa.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sssdd.2bkg7eusoa.top/index/user/login.html\r\nCookie: cf_clearance=fXEW_bUzUvYgOsVQPtLJI1fKvZAMwvA7cBck31XHdNo-1761924134-1.2.1.1-rpGMCyjpBEWKmxq9p.kxQ43euN4xIF4bFmJQmQiTtterLfzaGho30DO_nmV4te19nzhLIkNLqq8D.Z3Pkvo1Ulq0KUYxR.M986Wi.ccDQPpO2fgM8YjL9kG4pHWmhdi9LVTGJI2KPoLJrQBU9UV5euz1JVqtwc7ScZf.3W.IzGkUM8FTo6K20yxu8eDu9_29L63DAoufD5ItanxplHFKJV4lhSsJOS58xl3l7PbsNro; se1e03b0b=nnm9v22g4ln4vtuf6404j4vfq7\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 31 Oct 2025 15:22:15 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCF-RAY: 997425956edb0daa-OSL\r\nVary: Accept-Encoding, Accept-Encoding\r\nLast-Modified: Fri, 05 Mar 2021 16:40:04 GMT\r\nETag: W/\"60425ee4-3661\"\r\nExpires: Sat, 01 Nov 2025 03:22:15 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Encoding: gzip\r\ncf-cache-status: MISS\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=8%2BCEKrq4vKmK9934XIfUlPfFxUpt8cKlwI6bD3sHQQIIQy%2FaWuma5mFV0G4lkn%2BQiJg%2FXCpvwaCt%2FBDMydI0yKG3Vr38o1HMYcECsRH23uVQttkF5JbWPpOYvjFtaFZzPuGVFLb6vw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=684\u0026min_rtt=452\u0026rtt_var=150\u0026sent=16\u0026recv=19\u0026lost=0\u0026retrans=0\u0026sent_bytes=14887\u0026recv_bytes=3652\u0026delivery_rate=21113001\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13921,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13663)","md5":"4d0619d7577a990881a0079718c5c92e","sha1":"02553ae8ed1026ae5e1fe6cc5883fd42379e5e68","sha256":"f9a55bcc80d6d8b2815299c5501cddaa8e5f3f697cdb8f5ce1e3e924097117ba","sha512":"b80d7e90703fd0eebc15348ce23793cc936746f356c5d0824a713782ff0b6b2497631413de7739b8f5fd6ee30fb48d60c5405cc66d3ee4b730e7d8e39749cc0d","ssdeep":"384:FlUbeo7zOqgx9BU0m/XCQif65W/1mXA82FH8x:F6br7zOlbhm/X5if65W/1mXA82FQ","tlshash":"8b52236417003837f3774f6e4aa1e6b59f60cc838a934d9db2c0dd44d6fa8b9122eb95","first_seen":"2023-04-07T00:16:00Z","last_seen":"2026-05-03T01:05:22.305728Z","times_seen":3483,"resource_available":false,"data":null}},"time_used":450,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":449,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-31","alert":"Sinkholed","trigger":"sssdd.2bkg7eusoa.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}