{"report_id":"8830b506-b445-4ad4-bb9c-fa03cb26bd97","version":0,"status":"done","tags":[],"date":"2026-07-01T00:26:44Z","url":{"schema":"http","addr":"3658sora558200.cc","fqdn":"3658sora558200.cc","domain":"3658sora558200.cc","tld":"cc"},"ip":{"addr":"43.225.44.84","port":0,"asn":133199,"as":"SonderCloud Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"3658sora558200.cc/","fqdn":"3658sora558200.cc","domain":"3658sora558200.cc","tld":"cc"},"title":"3658sora558200.cc/","dom":{"size":620,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (620), with no line terminators","md5":"5a72d22317f855c9003e8179c5216d92","sha1":"8c3e54b90d70a4f169c86cea61cd9cd2b44c30ba","sha256":"c73a33463fc744d1596536ce295da1dd15fa8a3549e44ddc561c335342dcfd1b","sha512":"f7bd5d5497ad29a70a6d0011fd33bcd86819c57d613082f0134b90b1b690e4f67e20206118e6acde0d8ae3146cb2d9884d697a8e62e08f293916f50260d02655","ssdeep":"","tlshash":"9cf078535c05cc4c2300469ae8a6b01cc006ac1efea1dc20fcf352aaaef8f9904655d6","dom_hash":"domhashf5eb086b4f525e78fc5d842d1d900f33","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"3658sora558200.cc","fqdn":"3658sora558200.cc","domain":"3658sora558200.cc","tld":"cc"},"ip":{"addr":"43.225.44.84","port":0,"asn":133199,"as":"SonderCloud Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-05T00:26:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-01","alert":"Phishing Block","trigger":"3658sora558200.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"3658sora558200.cc","ip":{"addr":"43.225.45.132","port":443,"asn":133199,"as":"SonderCloud Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-06-17","domain_rank":0,"first_seen":"2026-07-01T00:26:09.790943Z","last_seen":"2026-07-01T00:26:09.790943Z","alert_count":28,"request_count":7,"received_data":1553269,"sent_data":3393,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Tencent Waterproof Wall","description":"","website":"https://007.qq.com/","common_platform_enumeration":"","icon":"TencentWaterproofWall.png","categories":["Hosting panels","Security"]}]},{"fqdn":"ssl.captcha.qq.com","ip":{"addr":"157.255.220.168","port":443,"asn":135061,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"domain_registered":"1995-05-04","domain_rank":744414,"first_seen":"2012-11-03T19:41:33Z","last_seen":"2026-06-30T18:36:05.508909Z","alert_count":0,"request_count":1,"received_data":104723,"sent_data":477,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"cstaticdun.126.net","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"1998-02-28","domain_rank":474446,"first_seen":"2017-06-21T07:31:41Z","last_seen":"2026-06-27T00:49:52.059167Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":492,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ssl.captcha.qq.com/TCaptcha.js","fqdn":"ssl.captcha.qq.com","domain":"qq.com","tld":"com"},"ip":{"addr":"157.255.220.168","port":443,"asn":135061,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f60d5cc59e28c88882277596ace41c04","sha1":"e836857ae68c44675a50834ce24ede4c4befcaf1","sha256":"24ecd69334a7e45c93144ffd2d103351fffb58c911600ace28a40158a7154941","sha512":"8ccf5903767733c196c45de248d34c00a0b0a135fd8a148f6a31e40f9fa03cd01a2c714c9c8ac95e99c17b3dec817b2759b1ac9c5a5fe54b6af1c0f2f760a6ad","ssdeep":"3072:3IxTYeu24ozqA9/hISgSGD/exErmPQ0DFM1:6zqA9pIlnD/eajyFM1","tlshash":"2da318deb3f1762d06ab6194cc3b9d4e68374c508018f175cfb9c687ba28589921bf39","size":104476,"data":"","first_seen":"2026-06-24T04:23:48.814813Z","last_seen":"2026-07-01T03:59:11.947036Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"3658sora558200.cc/favicon-1779776776157.ico","fqdn":"3658sora558200.cc","domain":"3658sora558200.cc","tld":"cc"},"ip":{"addr":"43.225.45.132","port":443,"asn":133199,"as":"SonderCloud Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3658sora558200.cc/","date":"2026-07-01T00:26:17.955Z","timestamp":1782865577955,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3658sora358200.cc","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 07:28:38 GMT","end":"Tue, 15 Sep 2026 07:28:37 GMT"},"fingerprint":{"sha1":"5A:D1:C4:DC:F4:59:34:2A:57:21:56:BA:EA:E5:C6:89:1A:7F:E2:03","sha256":"75:62:A2:01:9A:D0:DF:32:49:AF:2E:D9:3A:8A:3A:75:66:AF:8C:C6:AD:50:78:B6:53:B9:F1:28:5C:65:57:71"}}},"request":{"raw":"GET /favicon-1779776776157.ico HTTP/1.1\r\nHost: 3658sora558200.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://3658sora558200.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-encoding: gzip\r\ncontent-type: image/x-icon\r\ndate: Wed, 01 Jul 2026 00:24:00 GMT\r\netag: W/\"6a14ccba-1083e\"\r\nlast-modified: Wed, 01 Jul 2026 00:24:00 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67646,"size_decoded":14256,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel","md5":"815edeb1c8a19ff834705df7cc458dad","sha1":"41bc6a37f86fc79bb38902268bd26e0fd7940605","sha256":"0fe6512f8d73cc243e4c3e83e218d95987e1f32a63396be15c5c8e86eb3df7b4","sha512":"932dd61f6864c8577ff41b5c1c29b5eeea7a6e14daa85ae1cafb389534c79bcebab953897ed7a86ee3300e2da08b23e00b7ffe1b0bc5f0a5db803eae50bfee03","ssdeep":"768:pvwxOTjJfmv7vvUvovsubfRYGf9dbSbBGZw9jRSzVfEU3eI:pv3Fmv7vvUvovsubfRYu9dIBgyyN","tlshash":"6a634b6d2b122f09d2514f7dd19e237407664f74efaaa193fa303d99b2f920f8ad0940","first_seen":"2025-02-02T12:37:41.54804Z","last_seen":"2026-07-01T02:12:50.165901Z","times_seen":35,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-01","alert":"Phishing Block","trigger":"3658sora558200.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3658sora558200.cc/","fqdn":"3658sora558200.cc","domain":"3658sora558200.cc","tld":"cc"},"ip":{"addr":"43.225.45.132","port":443,"asn":133199,"as":"SonderCloud Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-01T00:26:12.561Z","timestamp":1782865572561,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3658sora358200.cc","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 07:28:38 GMT","end":"Tue, 15 Sep 2026 07:28:37 GMT"},"fingerprint":{"sha1":"5A:D1:C4:DC:F4:59:34:2A:57:21:56:BA:EA:E5:C6:89:1A:7F:E2:03","sha256":"75:62:A2:01:9A:D0:DF:32:49:AF:2E:D9:3A:8A:3A:75:66:AF:8C:C6:AD:50:78:B6:53:B9:F1:28:5C:65:57:71"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 3658sora558200.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 01 Jul 2026 00:26:13 GMT\r\netag: W/\"6a14ccba-47f\"\r\nlast-modified: Mon, 25 May 2026 22:27:06 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 526\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Tencent Waterproof Wall","description":"","website":"https://007.qq.com/","common_platform_enumeration":"","icon":"TencentWaterproofWall.png","categories":["Hosting panels","Security"]}],"data":{"size":1151,"size_decoded":808,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1151), with no line terminators","md5":"827d8520e46ef55dbedd01171666f0ae","sha1":"58edada46a2da1f321e6d773c22f0da566f4f72a","sha256":"e2c512ebd7a2ecb782c4f484f56b2466af1a1f626ad9e90fabf0231bccda64da","sha512":"8b78c1d93b6a1b3e4c4344c69d0b04219dfc9f52aa24c63c4673b1c20e11225c1540ba5568afb6ada829e0d8ef4d0e0b015fdb6c6e8cdcb586cc28bbd7e63427","ssdeep":"","tlshash":"a421be538c19c898531006daf5b6e02dc00ad42defe1dc65edf602aaafe4b9d1c295d5","first_seen":"2026-06-28T10:08:09.163481Z","last_seen":"2026-07-01T02:11:23.132192Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1127,"timings":{"blocked":-1,"dns":325,"connect":262,"send":0,"wait":264,"receive":0,"ssl":276},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-01","alert":"Phishing Block","trigger":"3658sora558200.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssl.captcha.qq.com/TCaptcha.js","fqdn":"ssl.captcha.qq.com","domain":"qq.com","tld":"com"},"ip":{"addr":"157.255.220.168","port":443,"asn":135061,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://3658sora558200.cc/","date":"2026-07-01T00:26:14.080Z","timestamp":1782865574080,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.captcha.qq.com","organization":""},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 16 Sep 2025 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"62:F5:EA:26:0F:C2:28:21:1C:74:6C:B2:E3:19:6D:7C:66:D5:E0:70","sha256":"35:62:9E:32:B6:A9:94:F6:C5:7C:C5:62:00:F1:5C:C3:F5:D4:69:07:BA:0B:E7:72:F9:6C:6C:CE:26:BA:6D:68"}}},"request":{"raw":"GET /TCaptcha.js HTTP/1.1\r\nHost: ssl.captcha.qq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://3658sora558200.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Jul 2026 00:26:15 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 104476\r\nConnection: keep-alive\r\nP3P: CP=CAO PSA OUR\r\nServer: Trpc httpd, tencent http server\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=600\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":104476,"size_decoded":104723,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f60d5cc59e28c88882277596ace41c04","sha1":"e836857ae68c44675a50834ce24ede4c4befcaf1","sha256":"24ecd69334a7e45c93144ffd2d103351fffb58c911600ace28a40158a7154941","sha512":"8ccf5903767733c196c45de248d34c00a0b0a135fd8a148f6a31e40f9fa03cd01a2c714c9c8ac95e99c17b3dec817b2759b1ac9c5a5fe54b6af1c0f2f760a6ad","ssdeep":"3072:3IxTYeu24ozqA9/hISgSGD/exErmPQ0DFM1:6zqA9pIlnD/eajyFM1","tlshash":"2da318deb3f1762d06ab6194cc3b9d4e68374c508018f175cfb9c687ba28589921bf39","first_seen":"2026-06-24T04:23:48.814813Z","last_seen":"2026-07-01T03:59:11.947036Z","times_seen":30,"resource_available":true,"data":null}},"time_used":2671,"timings":{"blocked":-1,"dns":116,"connect":249,"send":0,"wait":253,"receive":1551,"ssl":502},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cstaticdun.126.net/load.min.js?t=202007291602","fqdn":"cstaticdun.126.net","domain":"126.net","tld":"net"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://3658sora558200.cc/","date":"2026-07-01T00:26:14.082Z","timestamp":1782865574082,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /load.min.js?t=202007291602 HTTP/1.1\r\nHost: cstaticdun.126.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://3658sora558200.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-01T04:18:58.612121Z","times_seen":16879611,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3658sora558200.cc/favicon-1779776776157.ico","fqdn":"3658sora558200.cc","domain":"3658sora558200.cc","tld":"cc"},"ip":{"addr":"43.225.45.132","port":443,"asn":133199,"as":"SonderCloud Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://3658sora558200.cc/","date":"2026-07-01T00:26:17.953Z","timestamp":1782865577953,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3658sora358200.cc","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 07:28:38 GMT","end":"Tue, 15 Sep 2026 07:28:37 GMT"},"fingerprint":{"sha1":"5A:D1:C4:DC:F4:59:34:2A:57:21:56:BA:EA:E5:C6:89:1A:7F:E2:03","sha256":"75:62:A2:01:9A:D0:DF:32:49:AF:2E:D9:3A:8A:3A:75:66:AF:8C:C6:AD:50:78:B6:53:B9:F1:28:5C:65:57:71"}}},"request":{"raw":"GET /favicon-1779776776157.ico HTTP/1.1\r\nHost: 3658sora558200.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://3658sora558200.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-encoding: gzip\r\ncontent-type: image/x-icon\r\ndate: Wed, 01 Jul 2026 00:24:00 GMT\r\netag: W/\"6a14ccba-1083e\"\r\nlast-modified: Wed, 01 Jul 2026 00:24:00 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67646,"size_decoded":14256,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel","md5":"815edeb1c8a19ff834705df7cc458dad","sha1":"41bc6a37f86fc79bb38902268bd26e0fd7940605","sha256":"0fe6512f8d73cc243e4c3e83e218d95987e1f32a63396be15c5c8e86eb3df7b4","sha512":"932dd61f6864c8577ff41b5c1c29b5eeea7a6e14daa85ae1cafb389534c79bcebab953897ed7a86ee3300e2da08b23e00b7ffe1b0bc5f0a5db803eae50bfee03","ssdeep":"768:pvwxOTjJfmv7vvUvovsubfRYGf9dbSbBGZw9jRSzVfEU3eI:pv3Fmv7vvUvovsubfRYu9dIBgyyN","tlshash":"6a634b6d2b122f09d2514f7dd19e237407664f74efaaa193fa303d99b2f920f8ad0940","first_seen":"2025-02-02T12:37:41.54804Z","last_seen":"2026-07-01T02:12:50.165901Z","times_seen":35,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-01","alert":"Phishing Block","trigger":"3658sora558200.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3658sora558200.cc/static/css/main.c7613d89.css","fqdn":"3658sora558200.cc","domain":"3658sora558200.cc","tld":"cc"},"ip":{"addr":"43.225.45.132","port":443,"asn":133199,"as":"SonderCloud Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://3658sora558200.cc/","date":"2026-07-01T00:26:14.084Z","timestamp":1782865574084,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3658sora358200.cc","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 07:28:38 GMT","end":"Tue, 15 Sep 2026 07:28:37 GMT"},"fingerprint":{"sha1":"5A:D1:C4:DC:F4:59:34:2A:57:21:56:BA:EA:E5:C6:89:1A:7F:E2:03","sha256":"75:62:A2:01:9A:D0:DF:32:49:AF:2E:D9:3A:8A:3A:75:66:AF:8C:C6:AD:50:78:B6:53:B9:F1:28:5C:65:57:71"}}},"request":{"raw":"GET /static/css/main.c7613d89.css HTTP/1.1\r\nHost: 3658sora558200.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://3658sora558200.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 01 Jul 2026 00:22:50 GMT\r\netag: W/\"6a14ccba-3706f\"\r\nlast-modified: Wed, 01 Jul 2026 00:22:50 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":225391,"size_decoded":30955,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c7613d893e967625c35e7122076c5274","sha1":"b341581ad0ff5660aa084c4009c1c69df3e498cc","sha256":"84e87c5a76e50a3a5eade56ee92fa987435d502e85a2223c98e684305d83e81b","sha512":"f8b67be255078ccb851fffff61b019960831d41073d9aeface44064adc062b8f6bcfbc4721ef74fec8ca5a00d0736d26a46f000e89bb060e136489a6fb9eaa77","ssdeep":"1536:gpsji0pUJyV2X9cTiAyyOaGjg4anUnbJJ26gjrrjrN:TiaV2X9cTiAyHg4aUnNMV","tlshash":"1424b532c485241eb137c9ad52e4faca615cd08bd5161fbcba3679a9ebc20d917b7303","first_seen":"2026-04-21T19:17:58.370902Z","last_seen":"2026-07-01T02:12:50.162744Z","times_seen":10,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-01","alert":"Phishing Block","trigger":"3658sora558200.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3658sora558200.cc/static/js/manifest.c5f29924.js?1779776776157","fqdn":"3658sora558200.cc","domain":"3658sora558200.cc","tld":"cc"},"ip":{"addr":"43.225.45.132","port":443,"asn":133199,"as":"SonderCloud Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://3658sora558200.cc/","date":"2026-07-01T00:26:14.086Z","timestamp":1782865574086,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3658sora358200.cc","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 07:28:38 GMT","end":"Tue, 15 Sep 2026 07:28:37 GMT"},"fingerprint":{"sha1":"5A:D1:C4:DC:F4:59:34:2A:57:21:56:BA:EA:E5:C6:89:1A:7F:E2:03","sha256":"75:62:A2:01:9A:D0:DF:32:49:AF:2E:D9:3A:8A:3A:75:66:AF:8C:C6:AD:50:78:B6:53:B9:F1:28:5C:65:57:71"}}},"request":{"raw":"GET /static/js/manifest.c5f29924.js?1779776776157 HTTP/1.1\r\nHost: 3658sora558200.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://3658sora558200.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 01 Jul 2026 00:22:50 GMT\r\netag: W/\"6a14ccba-7cf\"\r\nlast-modified: Wed, 01 Jul 2026 00:22:50 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1164\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1999,"size_decoded":1471,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1999), with no line terminators","md5":"a8b34345e41a06833e948cf367099d07","sha1":"1f6e399ce2685d912c281669a9a71e68a7ab58b9","sha256":"2ad9b8e64252f2fa281d09b73a864c8f4bb424cd2ba10ed4c45998d151be4641","sha512":"e62436148d929d79f2e811e95d0d31d2db3837f168380b29a0a107a66df26f478727280f78b3cde60b6b54a567ee4275f1e5ed09bacfa36ecccd2ec31bc31641","ssdeep":"","tlshash":"bc4196de7a54f4da43ea147d592b6114f17c2e222d18c840d3ccd06a7d25d449212ab3","first_seen":"2026-06-28T10:08:09.166013Z","last_seen":"2026-07-01T02:12:50.166596Z","times_seen":6,"resource_available":true,"data":null}},"time_used":524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":524,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-01","alert":"Phishing Block","trigger":"3658sora558200.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3658sora558200.cc/static/js/vendor.70b2f1fd.js?1779776776157","fqdn":"3658sora558200.cc","domain":"3658sora558200.cc","tld":"cc"},"ip":{"addr":"43.225.45.132","port":443,"asn":133199,"as":"SonderCloud Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://3658sora558200.cc/","date":"2026-07-01T00:26:14.087Z","timestamp":1782865574087,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3658sora358200.cc","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 07:28:38 GMT","end":"Tue, 15 Sep 2026 07:28:37 GMT"},"fingerprint":{"sha1":"5A:D1:C4:DC:F4:59:34:2A:57:21:56:BA:EA:E5:C6:89:1A:7F:E2:03","sha256":"75:62:A2:01:9A:D0:DF:32:49:AF:2E:D9:3A:8A:3A:75:66:AF:8C:C6:AD:50:78:B6:53:B9:F1:28:5C:65:57:71"}}},"request":{"raw":"GET /static/js/vendor.70b2f1fd.js?1779776776157 HTTP/1.1\r\nHost: 3658sora558200.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://3658sora558200.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 01 Jul 2026 00:22:50 GMT\r\netag: W/\"6a14ccba-ae667\"\r\nlast-modified: Wed, 01 Jul 2026 00:22:51 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":714343,"size_decoded":224914,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c81ad31811ec0419331a48a9a906d4ea","sha1":"1c2328ed784c2167909d06d7ed3df52dc1f42ef8","sha256":"d2fedefab7f4312cbba04ff1f96dd3aa1c30fd9757d0d98579ae45768af12ead","sha512":"130536bbdbbac1d7dd7942cc482d12c6dcb5b84f3bfd68908e4d6fbb6132f10cb06ec9020320c9d3423cf72e2870fe2d4207a8a9302929b66038f4b3ed1838da","ssdeep":"6144:gPn72NnKnxIM3BEZO0WlcfMkFEAuRCONEgHfPOdFvRX+m09JgsQDu81fbX0aNUSV:q+nKnxIZKcfaAGx6xhRsQDZd0a5nP9","tlshash":"90e4f7cd7692f0a243f321b6402f640bb37a6959680d8550f251e8e5bcbd95e923bf3c","first_seen":"2026-05-27T09:23:12.823523Z","last_seen":"2026-07-01T02:12:50.164117Z","times_seen":17,"resource_available":true,"data":null}},"time_used":523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":523,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-01","alert":"Phishing Block","trigger":"3658sora558200.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3658sora558200.cc/static/js/main.aafd0c67.js?1779776776157","fqdn":"3658sora558200.cc","domain":"3658sora558200.cc","tld":"cc"},"ip":{"addr":"43.225.45.132","port":443,"asn":133199,"as":"SonderCloud Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://3658sora558200.cc/","date":"2026-07-01T00:26:14.088Z","timestamp":1782865574088,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"3658sora358200.cc","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 07:28:38 GMT","end":"Tue, 15 Sep 2026 07:28:37 GMT"},"fingerprint":{"sha1":"5A:D1:C4:DC:F4:59:34:2A:57:21:56:BA:EA:E5:C6:89:1A:7F:E2:03","sha256":"75:62:A2:01:9A:D0:DF:32:49:AF:2E:D9:3A:8A:3A:75:66:AF:8C:C6:AD:50:78:B6:53:B9:F1:28:5C:65:57:71"}}},"request":{"raw":"GET /static/js/main.aafd0c67.js?1779776776157 HTTP/1.1\r\nHost: 3658sora558200.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://3658sora558200.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 01 Jul 2026 00:22:50 GMT\r\netag: W/\"6a14ccba-7383c\"\r\nlast-modified: Wed, 01 Jul 2026 00:22:50 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":473148,"size_decoded":84552,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"11ab726b9fb464380ae33c06db54774e","sha1":"68c9e9f63f7eeb0f62a2a6f0444ae180e06901d1","sha256":"6e30c15288def6216679fdd710ed41c7739563ca7e9cde47ae6a8fef4e607c4c","sha512":"b9a4a92cec75367d66196747d0acce1987f1bbd77c3915eb98c4f814b88310b42ae7945e1eacb96d8d2cbfe4896a8bff7a9e25cb01959ead9bdb636629febf3c","ssdeep":"3072:dgFvwMK0MsfAyCEyosB0F1OWL7jiP4Bv0oPnKHK0BK0JiI0D7:cFZ7j7JHnyi7","tlshash":"83a4f849b141b8ab03f3a17a802f1559f2b52895a54c8c50f368cde7f9f6558a32ff38","first_seen":"2026-06-28T10:08:09.169299Z","last_seen":"2026-07-01T02:12:50.165215Z","times_seen":6,"resource_available":true,"data":null}},"time_used":1043,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1043,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-01","alert":"Phishing Block","trigger":"3658sora558200.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"3658sora558200.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}
