{"report_id":"885b5018-ffe2-40f4-aa3b-b0d4a260edf8","version":0,"status":"done","tags":[],"date":"2026-06-19T01:15:52Z","url":{"schema":"http","addr":"m.105655222.com","fqdn":"m.105655222.com","domain":"105655222.com","tld":"com"},"ip":{"addr":"172.67.136.237","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"m.105655222.com/#/403","fqdn":"m.105655222.com","domain":"105655222.com","tld":"com"},"title":"m.105655222.com/#/","dom":{"size":7274,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2685)","md5":"690b9232f352b6ff21f81e57d99ed3d3","sha1":"11911ab64b389ab8e2221ab4bf0fa37b92fd48b2","sha256":"da23efa01a8f732eb645d3318cf861e752385baa89146899b922f423eebf0f51","sha512":"4cb5a02c8c8bb5a6b4cca2b86bbc81e1532e1a19864efd427870f4e35999b9381b001396757ebef488873bf65e4f135ac678f49d49a6421fe861304078e5a118","ssdeep":"96:BVMN/1FtBUxP7aMAPCPPN598IBgUshhSmOz53nsOyfNzljrzwOytcJqKBmxtK7Jv:BVMNnB0P8IBgbhhSmO1sPhlOKBmoJv","tlshash":"1ae1e5768082809366b3d4e0a7ee7b2538b1a50bcd8ddd41b28e571c8fc5edaa6413c9","dom_hash":"domhashebadc4b570ca696a16ae17e70754db10","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"m.105655222.com","fqdn":"m.105655222.com","domain":"105655222.com","tld":"com"},"ip":{"addr":"172.67.136.237","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-24T01:15:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"m.105655222.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"m.105655222.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-02-15","domain_rank":0,"first_seen":"2026-06-19T01:05:12.150435Z","last_seen":"2026-06-19T01:05:12.150435Z","alert_count":30,"request_count":5,"received_data":4499,"sent_data":2583,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"wapca.lnzhengda.com","ip":{"addr":"163.171.242.126","port":443,"asn":54994,"as":"ML-1432-54994","country":"United States","country_code":"US"},"domain_registered":"2024-11-18","domain_rank":0,"first_seen":"2026-06-11T01:47:17.428226Z","last_seen":"2026-06-19T01:05:12.748082Z","alert_count":0,"request_count":5,"received_data":4389259,"sent_data":2524,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wapca.lnzhengda.com/static/js/vendor.14d0279eced2ff814164.js","fqdn":"wapca.lnzhengda.com","domain":"lnzhengda.com","tld":"com"},"ip":{"addr":"163.171.242.126","port":443,"asn":54994,"as":"ML-1432-54994","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a1e40b868426c6c63b079ba74e9907f","sha1":"b4b394c24adee36d49af0ae669c6d229b59bd8d8","sha256":"830928a128c6d39ade5294ae57424ab96dbbb18c646c00ce39a0dd44d8eed99d","sha512":"995c51160563040061e72bc12ccb08c8744817ff4a5d482bbde981a6aa16b362ead8223f0af6495459290e673aa48f8332b51d06cbb042f1adbb8f32940705b5","ssdeep":"12288:dQTfXIdCFbXFNXw1tibrvfcuGoodN3hcReJq0ClO:EfpFbXFNXw1tifvfC738kxClO","tlshash":"47552a8db295b0b503d760a5402f060bf2376959740a849cf679e8eaac7cd4e217bf7c","size":1381389,"data":"","first_seen":"2026-06-16T01:40:38.602063Z","last_seen":"2026-06-19T02:05:18.204921Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wapca.lnzhengda.com/static/js/app.407e69d96430086940e6.1781674586754.js","fqdn":"wapca.lnzhengda.com","domain":"lnzhengda.com","tld":"com"},"ip":{"addr":"163.171.242.126","port":443,"asn":54994,"as":"ML-1432-54994","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2dd5c4883b1976f5ec13c5d5e4d4da3d","sha1":"6558303fdc1793c8a90e31ca71c527c22bfcee94","sha256":"0ec164dfa156527bf64c3fd0d619ed845fd39798f93a69be72400db878f6a85e","sha512":"9c78ab100554f9a5e44ce674812aead67b73d07c18d4eed02b2582dc79936e57d2b0c49987a08e2f05d5ec9bd2b597a50e46851b823578ddb8adc89f5e4a4ef6","ssdeep":"24576:Lv/eak6wY8AXbfMhSuIlKd6pbt1KyxuWpWYuYvMS+51UVkiVeC:Lv/eak6wY8AXbfMhSuIlKMxuWpWYuYvx","tlshash":"2665a61a7083e6b94d9e9011652a1134e1751fd8a009d09eb73ceee49be4d7a336fb3c","size":1544140,"data":"","first_seen":"2026-06-19T01:05:17.391974Z","last_seen":"2026-06-19T02:05:18.206332Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"m.105655222.com/favicon.ico","fqdn":"m.105655222.com","domain":"105655222.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.105655222.com/","date":"2026-06-19T01:15:21.866Z","timestamp":1781831721866,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: m.105655222.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://m.105655222.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T05:20:17.624761Z","times_seen":16535485,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"m.105655222.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.105655222.com/","fqdn":"m.105655222.com","domain":"105655222.com","tld":"com"},"ip":{"addr":"172.67.136.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-19T01:15:19.650Z","timestamp":1781831719650,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"105655222.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Jun 2026 17:38:31 GMT","end":"Fri, 04 Sep 2026 18:38:29 GMT"},"fingerprint":{"sha1":"4B:F0:10:1A:33:BD:79:01:61:23:80:C1:4E:A6:99:E5:3F:53:33:28","sha256":"AD:CB:84:F8:63:DA:C3:25:88:15:CD:3C:47:CA:9E:5C:EC:57:9D:D8:0F:CC:1C:69:19:A6:A8:B1:EB:3F:A5:8B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.105655222.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Fri, 19 Jun 2026 01:15:20 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-encoding: zstd\r\npriority: u=0,i\r\nserver: cloudflare\r\nlast-modified: Wed, 17 Jun 2026 05:38:59 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1yiPtZlXSL%2Bicazky8G%2BsYHW2fdnnrOCDvNEMNwcD9JzaVyzADlLcjPgDmHD10ZvHfj%2BzXExslWEe%2Fr9QZfpOyt1LFDWY24e%2B9o0izAsk400Y4iYhGvcpP%2FCG38zWuwoG0Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 6439adb92b18490836e57157dfa863ea.cloudfront.net (CloudFront)\r\nage: 6\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nx-requestid: 2c4ecb73932c6f7396640bc090f6b8d8\r\nx-dns-prefetch-control: on\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a0deae97ffc156cb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3587,"size_decoded":2175,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (546)","md5":"682da141f382354020312d08b8c6e903","sha1":"404e6d2af49f331b511e5658db3231a91e82260d","sha256":"4e1e144e4a72d4e8a92f2961cf4fdd841f6a0c84fe1da06f3bde2358814fb94f","sha512":"e202f52d319e808a40cb3dc3e98755d2e27a835227ead6f1daabb3a88754a9c2a3bc35209002759a2393202f32dabf564f16ee303296bce9e4faf65f6a365edd","ssdeep":"","tlshash":"6d7126ab04d3c0433d27e9605bee2b2420b699178a49dd41f6cd574ccfd4f8f99452c2","first_seen":"2026-06-19T01:05:17.155293Z","last_seen":"2026-06-19T02:05:18.107184Z","times_seen":3,"resource_available":true,"data":null}},"time_used":555,"timings":{"blocked":-1,"dns":7,"connect":16,"send":0,"wait":532,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"m.105655222.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wapca.lnzhengda.com/static/css/1.d848fa3a9d93c8d8b81a.css","fqdn":"wapca.lnzhengda.com","domain":"lnzhengda.com","tld":"com"},"ip":{"addr":"163.171.242.126","port":443,"asn":54994,"as":"ML-1432-54994","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.105655222.com/","date":"2026-06-19T01:15:20.685Z","timestamp":1781831720685,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lnzhengda.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 26 Jan 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"56:3B:CC:52:E9:1B:D9:87:E1:C3:1C:05:5C:87:04:BE:70:7F:AB:5B","sha256":"C4:BE:55:4A:A6:AD:32:62:03:08:C5:DC:7F:D6:65:0A:EA:6A:77:FF:FF:07:D0:A8:40:1A:C8:D6:34:9E:DA:96"}}},"request":{"raw":"GET /static/css/1.d848fa3a9d93c8d8b81a.css HTTP/1.1\r\nHost: wapca.lnzhengda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://m.105655222.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 19 Jun 2026 01:15:20 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 28 Aug 2025 05:46:38 GMT\r\netag: W/\"6cf7d380ca836ed01224d44abfbed710\"\r\nx-amz-server-side-encryption: AES256\r\nserver: PWS/8.3.1.0.8\r\ncontent-encoding: gzip\r\nvia: 1.1 fbf93e3eea1964c1f610f4f4df8d6ad0.cloudfront.net (CloudFront), 1.1 PS-TAO-01fgu203:7 (W), 1.1 PS-HIA-01VH8172:2 (W), 1.1 PS-JJN-01XUm198:12 (W), 1.1 PS-FOC-01imY117:12 (W), 0.0 PSdgflkfFRA1je97:9 (W)\r\nx-amz-cf-pop: NRT12-P9\r\nx-amz-cf-id: cDndQ2eTixF12Kbs2KfT4sJLzGOd_hbP_y8VpqenDczZzYbKySQfxg==\r\nx-px: ht PSdgflkfFRA1je97FRA\r\nage: 63371\r\nx-ws-request-id: 6a349828_PSdgflkfFRA1je97_11090-50139\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":45682,"size_decoded":13749,"mime_type":"text/css","magic":"ASCII text, with very long lines (45682), with no line terminators","md5":"6cf7d380ca836ed01224d44abfbed710","sha1":"0df19aaeba04da0412bda9f83c5ca636c6ba9dc0","sha256":"833d0f933df86d8152374a8d4266b1fa10ddb13e5b9f0ae9ce5420b267187f87","sha512":"27b208cfa986b10aaef2c05846876bf296c40fd087df2440dedbf2e1d5222384b4ed6d705f8938efcb65c291960c2fc2347df40803752ede989c2263809f0a19","ssdeep":"768:qayIg1rgA8Ye01bN4eJopdpdyxKLLh+Pppb67Obhrb63if65WJ1mXAA063:q/I+rgA8Ye01bN4eJidax4wpF6+ASf61","tlshash":"0d23a670cf00266ab2378b6745c0f7a56e34c4539ae30a9eb144ab55c2fdcbd126f789","first_seen":"2025-06-30T21:53:04.034282Z","last_seen":"2026-06-19T02:05:18.116412Z","times_seen":129,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":11,"connect":20,"send":0,"wait":23,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.105655222.com/_data/config/config/get/","fqdn":"m.105655222.com","domain":"105655222.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.105655222.com/","date":"2026-06-19T01:15:21.630Z","timestamp":1781831721630,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"105655222.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Jun 2026 17:38:31 GMT","end":"Fri, 04 Sep 2026 18:38:29 GMT"},"fingerprint":{"sha1":"4B:F0:10:1A:33:BD:79:01:61:23:80:C1:4E:A6:99:E5:3F:53:33:28","sha256":"AD:CB:84:F8:63:DA:C3:25:88:15:CD:3C:47:CA:9E:5C:EC:57:9D:D8:0F:CC:1C:69:19:A6:A8:B1:EB:3F:A5:8B"}}},"request":{"raw":"GET /_data/config/config/get/ HTTP/1.1\r\nHost: m.105655222.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nrType: 1\r\ntpl: 1\r\nqnwebver: 4.12.0\r\nWebver: 4.12.0\r\nX-Requested-With: XMLHttpRequest\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://m.105655222.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T05:20:17.624761Z","times_seen":16535485,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"m.105655222.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.105655222.com/static/img/403.46ada62.gif","fqdn":"m.105655222.com","domain":"105655222.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.105655222.com/","date":"2026-06-19T01:15:31.647Z","timestamp":1781831731647,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /static/img/403.46ada62.gif HTTP/1.1\r\nHost: m.105655222.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://m.105655222.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T05:20:17.624761Z","times_seen":16535485,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"m.105655222.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wapca.lnzhengda.com/static/css/reset.css","fqdn":"wapca.lnzhengda.com","domain":"lnzhengda.com","tld":"com"},"ip":{"addr":"163.171.242.126","port":443,"asn":54994,"as":"ML-1432-54994","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.105655222.com/","date":"2026-06-19T01:15:20.682Z","timestamp":1781831720682,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lnzhengda.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 26 Jan 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"56:3B:CC:52:E9:1B:D9:87:E1:C3:1C:05:5C:87:04:BE:70:7F:AB:5B","sha256":"C4:BE:55:4A:A6:AD:32:62:03:08:C5:DC:7F:D6:65:0A:EA:6A:77:FF:FF:07:D0:A8:40:1A:C8:D6:34:9E:DA:96"}}},"request":{"raw":"GET /static/css/reset.css HTTP/1.1\r\nHost: wapca.lnzhengda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://m.105655222.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 19 Jun 2026 01:15:21 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 28 Aug 2025 05:46:40 GMT\r\netag: W/\"693871a3aedbd0b8f3633ddf95f1b6be\"\r\nx-amz-server-side-encryption: AES256\r\nserver: PWS/8.3.1.0.8\r\ncontent-encoding: gzip\r\nvia: 1.1 80318af1db1c0c95c4388751ede5e04e.cloudfront.net (CloudFront), 1.1 PS-TAO-01HZC208:12 (W), 1.1 PS-HIA-01rHo246:14 (W), 1.1 zhoudxin93:1 (W), 0.0 PSdgflkfFRA1je97:9 (W)\r\nx-amz-cf-pop: NRT12-P9\r\nx-amz-cf-id: V5P0Jf_GKIJCLu8si_UEBMmefjONZMTW8fxP6Cut6W83AmbNeqsAqw==\r\nx-px: ht PSdgflkfFRA1je97FRA\r\nage: 63373\r\nx-ws-request-id: 6a349829_PSdgflkfFRA1je97_11090-50188\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1747,"size_decoded":1494,"mime_type":"text/css","magic":"ASCII text","md5":"693871a3aedbd0b8f3633ddf95f1b6be","sha1":"e7ddbd6492afca43a56626ecce8b9f627eaa28d1","sha256":"a81c23a5263285eaa516d9fa4b813839b776187ca98c54e5b02dbead3fc56d18","sha512":"53fc4d4ce500d1ec92f46c88c8c580674933b1b1e314ad9083f70308af7f0002b085b1f0e879b42b043e6b34229378af41a16db9d4e2fe6593155a8b2f7055a4","ssdeep":"","tlshash":"be31516bc17505a015abd8787255ce59b37e4113144c89f8f2eeaa68de05a3c90e238e","first_seen":"2023-08-29T14:06:39Z","last_seen":"2026-06-19T02:05:18.197283Z","times_seen":146,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":13,"connect":22,"send":0,"wait":53,"receive":0,"ssl":275},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wapca.lnzhengda.com/static/css/app.e318b5b150c4e1253e72.css","fqdn":"wapca.lnzhengda.com","domain":"lnzhengda.com","tld":"com"},"ip":{"addr":"163.171.242.126","port":443,"asn":54994,"as":"ML-1432-54994","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.105655222.com/","date":"2026-06-19T01:15:20.687Z","timestamp":1781831720687,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lnzhengda.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 26 Jan 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"56:3B:CC:52:E9:1B:D9:87:E1:C3:1C:05:5C:87:04:BE:70:7F:AB:5B","sha256":"C4:BE:55:4A:A6:AD:32:62:03:08:C5:DC:7F:D6:65:0A:EA:6A:77:FF:FF:07:D0:A8:40:1A:C8:D6:34:9E:DA:96"}}},"request":{"raw":"GET /static/css/app.e318b5b150c4e1253e72.css HTTP/1.1\r\nHost: wapca.lnzhengda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://m.105655222.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 19 Jun 2026 01:15:21 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 11 Jun 2026 06:19:23 GMT\r\netag: W/\"0ef9e167d6826d3572d51c87c68f7da4\"\r\nx-amz-server-side-encryption: AES256\r\nserver: PWS/8.3.1.0.8\r\ncontent-encoding: gzip\r\nvia: 1.1 5e55efd80cc026d46ef651be2161ca92.cloudfront.net (CloudFront), 1.1 PS-JJN-01VhJ153:8 (W), 1.1 PS-HIA-01VH8172:19 (W), 1.1 PS-000-01OaW51:14 (W), 0.0 PSdgflkfFRA1je97:9 (W)\r\nx-amz-cf-pop: SIN3-P5\r\nx-amz-cf-id: CsgTjhJgELQzspcNDAIQbBcqFMnPLb9UugixE66x0mkGBnnyUSzoAg==\r\nx-px: ht PSdgflkfFRA1je97FRA\r\nage: 40608\r\nx-ws-request-id: 6a349828_PSdgflkfFRA1je97_11090-50185\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1412909,"size_decoded":207453,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e177c6cc457429a6a5b3cf09d0840880","sha1":"39a33b517f2dacf0c516c8e912ec87c3fb199596","sha256":"49d767d6151d8b9c55cab5245024d1c15e487ba15db4a5ce86667096bd261d62","sha512":"fffcd3a2650892ca87e73dba771fad0384d6f7f86184f7269fc14e2e8eb9c6fcac45b8680b00ae2ff0c396e43a503c5816a5344a8aba6874c187a240917d2b6c","ssdeep":"24576:Fq004YjlwV4gxSGLEU+1GQmlOP0EvW4GNFo3Si0IzonkMFZyo3mvZ:Fq0043V4j4H3mvZ","tlshash":"3e25f8317d2d311e663fc55a3490f6885c26f253c2456279a253be398fcfa923a3b784","first_seen":"2026-06-16T01:40:38.473939Z","last_seen":"2026-06-19T02:05:18.199659Z","times_seen":4,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":9,"connect":22,"send":0,"wait":58,"receive":0,"ssl":270},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wapca.lnzhengda.com/static/js/vendor.14d0279eced2ff814164.js","fqdn":"wapca.lnzhengda.com","domain":"lnzhengda.com","tld":"com"},"ip":{"addr":"163.171.242.126","port":443,"asn":54994,"as":"ML-1432-54994","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.105655222.com/","date":"2026-06-19T01:15:20.689Z","timestamp":1781831720689,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lnzhengda.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 26 Jan 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"56:3B:CC:52:E9:1B:D9:87:E1:C3:1C:05:5C:87:04:BE:70:7F:AB:5B","sha256":"C4:BE:55:4A:A6:AD:32:62:03:08:C5:DC:7F:D6:65:0A:EA:6A:77:FF:FF:07:D0:A8:40:1A:C8:D6:34:9E:DA:96"}}},"request":{"raw":"GET /static/js/vendor.14d0279eced2ff814164.js HTTP/1.1\r\nHost: wapca.lnzhengda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://m.105655222.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 19 Jun 2026 01:15:20 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Thu, 11 Jun 2026 06:19:25 GMT\r\netag: W/\"1a1e40b868426c6c63b079ba74e9907f\"\r\nx-amz-server-side-encryption: AES256\r\nserver: PWS/8.3.1.0.8\r\ncontent-encoding: gzip\r\nvia: 1.1 fa56b861a1746d8c765282bcc5a9c284.cloudfront.net (CloudFront), 1.1 PS-JJN-01XUm198:3 (W), 1.1 PS-000-01xz346:7 (W), 0.0 PSdgflkfFRA1je97:9 (W)\r\nx-amz-cf-pop: SIN3-P5\r\nx-amz-cf-id: 1po45pLaxMHqfWtt5YIEzmyx2s68anogRFiMTk_ITdZS5Vqlr7-Fiw==\r\nx-px: ht PSdgflkfFRA1je97FRA\r\nage: 36629\r\nx-ws-request-id: 6a349828_PSdgflkfFRA1je97_11090-50184\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1381389,"size_decoded":403674,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators","md5":"628705679dc27331b98cf6871beae231","sha1":"2254009bb08abcbf1aae7dfee7e7efaa13444fb8","sha256":"829d6c7dea08235d28bc06ce81db614e4659b29ddd9e015e5ecccbb5fdf2adb4","sha512":"8a4e6b0683c42ddc47cc65ddc1c74dc00041dde52ff7cc74b80fddbbc8121dfb393253437ac4ef60f31fa1917eed0c25d2886802eac66e44a7d556d8ad5fc2ef","ssdeep":"6144:wo9F/UTfXr15TkD9vvidI/GVTpvNWTG7ya7XFN5We5w1IQCg3ibfjcikpFlNx2Sn:dQTfXIdCFbXFNXw1tibrvfcuGooR","tlshash":"832518cdb291b07503d760a5402f160bf237695d740a809cf669e8eaacb8d4e617bf7c","first_seen":"2026-06-16T01:40:38.442078Z","last_seen":"2026-06-19T02:05:18.195193Z","times_seen":4,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":-1,"dns":7,"connect":21,"send":0,"wait":59,"receive":0,"ssl":271},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wapca.lnzhengda.com/static/js/app.407e69d96430086940e6.1781674586754.js","fqdn":"wapca.lnzhengda.com","domain":"lnzhengda.com","tld":"com"},"ip":{"addr":"163.171.242.126","port":443,"asn":54994,"as":"ML-1432-54994","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.105655222.com/","date":"2026-06-19T01:15:20.690Z","timestamp":1781831720690,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lnzhengda.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 26 Jan 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"56:3B:CC:52:E9:1B:D9:87:E1:C3:1C:05:5C:87:04:BE:70:7F:AB:5B","sha256":"C4:BE:55:4A:A6:AD:32:62:03:08:C5:DC:7F:D6:65:0A:EA:6A:77:FF:FF:07:D0:A8:40:1A:C8:D6:34:9E:DA:96"}}},"request":{"raw":"GET /static/js/app.407e69d96430086940e6.1781674586754.js HTTP/1.1\r\nHost: wapca.lnzhengda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://m.105655222.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 19 Jun 2026 01:15:20 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Wed, 17 Jun 2026 05:39:03 GMT\r\netag: W/\"2dd5c4883b1976f5ec13c5d5e4d4da3d\"\r\nx-amz-server-side-encryption: AES256\r\nserver: PWS/8.3.1.0.8\r\ncontent-encoding: gzip\r\nvia: 1.1 7ad0b0442533f4f7737588a9858061e2.cloudfront.net (CloudFront), 1.1 PS-XUZ-01zPo133:16 (W), 1.1 PS-JJN-015mq212:15 (W), 1.1 PS-FOC-01tmR97:8 (W), 0.0 PSdgflkfFRA1je97:9 (W)\r\nx-amz-cf-pop: FRA56-P13\r\nx-amz-cf-id: yLk75MN4M-un96RAd2z8XxQZNqh-akwKEOmGxt3ktOExpyGiE1ax9Q==\r\nx-px: ht PSdgflkfFRA1je97FRA\r\nage: 4796\r\nx-ws-request-id: 6a349828_PSdgflkfFRA1je97_11090-50183\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1544140,"size_decoded":306242,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65508), with no line terminators","md5":"a996837e58ebca1f3d41062179d8c729","sha1":"db63e4dee7c448b9e74cc73fef09b163c683e458","sha256":"8df9e929bbbe23c008ec7b76c866a0b4e106a15fc0ef5319da034e03d32e41ca","sha512":"6eb52841ab2ac991c396664f75550bc60c3e31467d464dbd91c280f1eeef743fc758a2c3b6556058d23da3b5c0d0f2699322d494c66553126921447be33f1ff3","ssdeep":"24576:Lv/eak6wY8AXbfMhSuIlKd6pbt1KyxuWpWYuYvMs:Lv/eak6wY8AXbfMhSuIlKMxuWpWYuYvH","tlshash":"2e3595167043e6b94d9e9021652a1134e1751fd8a019d0aebb3cdee49be4d7a332fb3c","first_seen":"2026-06-19T01:15:57.692968Z","last_seen":"2026-06-19T01:15:57.692968Z","times_seen":1,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":5,"connect":21,"send":0,"wait":22,"receive":0,"ssl":268},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.105655222.com/","fqdn":"m.105655222.com","domain":"105655222.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://m.105655222.com/","date":"2026-06-19T01:15:21.667Z","timestamp":1781831721667,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: m.105655222.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=0-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://m.105655222.com/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T05:20:17.624761Z","times_seen":16535485,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"m.105655222.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"m.105655222.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}