{"report_id":"8a535d16-6e8e-49c8-b86f-17bc002ce67f","version":6,"status":"done","tags":[],"date":"2026-01-07T00:50:34Z","url":{"schema":"http","addr":"og6y7c.top","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"http","addr":"og6y7c.top/m/index","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"title":"Shopee","dom":{"size":40858,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (33316)","md5":"f90c3d9e5ab435736cf094877bd0c499","sha1":"f9ac7828a796f58ec29382595b1832179e62e551","sha256":"1312a7adb176c41113d4737ee1ef2087efed189a04070d52f102248d40a15e8c","sha512":"f78fbc54f4b71a49400bf7506c497121151e878a803bd076fbd00509930b3bad9b547e4d6955546fad790dde8f6af5f43f74dc320593212df11004f06aea7632","ssdeep":"384:wEZUhR4FLk07ErzKFZ/OwZIIIcqGxVcMtIvbG4DetKU8Y0GJnAHefg83VOjVokPC:wEioffCwZIIIcqA3VOjVokPhctP","tlshash":"c503ff31c402246f1223e9d5e564bb59f193f30fe236c48076ac479e7fd2ef066691aa","dom_hash":"domhashb171dc338c81635dd2cb86630e6a079a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"og6y7c.top","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T00:50:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":9}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-07T00:50:12Z","timestamp":1767747012,"ip_dst":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":41132,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-07T00:50:12.173857+0000\",\"flow_id\":1112163221732688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.37\",\"src_port\":41132,\"dest_ip\":\"180.178.44.100\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"og6y7c.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1175},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1654,\"start\":\"2026-01-07T00:50:11.818512+0000\"}}"}],"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"og6y7c.top","ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":811,"request_count":162,"received_data":3135625,"sent_data":58854,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]}]},{"fqdn":"pigeonteensindonesia.com","ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-17","domain_rank":0,"first_seen":"2025-12-21T12:24:49.412434Z","last_seen":"2026-01-05T16:27:25.316986Z","alert_count":72,"request_count":18,"received_data":1332958,"sent_data":8701,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"down-sg.img.susercontent.com","ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"domain_registered":"2022-07-18","domain_rank":506728,"first_seen":"2023-02-16T02:40:30Z","last_seen":"2026-01-05T16:27:24.460682Z","alert_count":0,"request_count":20,"received_data":5037426,"sent_data":9380,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-04T22:21:06.427471Z","alert_count":0,"request_count":13,"received_data":1717757,"sent_data":5767,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":1,"received_data":1251,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"og6y7c.top/","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"2675fab97e66abb2dc482356efb999b7","sha1":"3311edff263714f305e1e345e152bbee777cc844","sha256":"bc87ac65daaf5582b0084af46d5f173f84e35b6b39733943e908fd9023cf3bb6","sha512":"6d1ed57e31ecba4fd8d5e5bad006be0928245259a0d0a57a6c99029dc00cb4d2e74f0ee31a7c4e198b51bef9c544d9a55c559aad033e38acf75be73bb53873bc","ssdeep":"","tlshash":"121180cb99618a6896e214ee36fe3750b573e052f9446130751fcd103d9c70f036aaeb","size":889,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.236674Z","times_seen":1123,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-07T00:50:12Z","timestamp":1767747012,"ip_dst":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"172.18.0.37","port":41132,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-07T00:50:12.173857+0000\",\"flow_id\":1112163221732688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.37\",\"src_port\":41132,\"dest_ip\":\"180.178.44.100\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"og6y7c.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1175},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1654,\"start\":\"2026-01-07T00:50:11.818512+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vuex/3.1.1/vuex.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c66594705de51675f08e3b83b9b9b38c","sha1":"40fa40f722043957a56324174ec6f80389391971","sha256":"e973901e74ff65888bbe2e58b95cfb957d5db316bb185a106f543d99176d1d65","sha512":"3cb0d6b77ac49d3c6c5c5740efa2fd9e3e0c79158c88a9d4f0b709f4713a38a7b72109a2b4c636377c783effc3c6457c718d8cdc2e9c7577db9691562e95375f","ssdeep":"192:90DuIfY7JtjC5ydUypH82+H8urFLR7BD4GOUo1MQl+B2GHPpB3QE7WA+MWnBP:9guIw7JtWqmhfldD4Eo64UgH3nx","tlshash":"4f1261ccf661b0764a377460623f120fe276a46d200a4468f598e4ef6cbe14d94abf3c","size":9875,"data":"","first_seen":"2023-03-07T12:05:56Z","last_seen":"2026-06-07T01:38:16.191432Z","times_seen":1411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa93e8894edb6245ab03883633b12b6e","sha1":"e3ba4c7d1a8876090756fd31715b4f6af6fd649e","sha256":"3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15","sha512":"263612833aa8f4ad08798184b25311604f1a3bdb6aecacb71103661159007ba0a9d7803094930b3276f47e980492bdd8c49f208508ab88ebd9c0875166278621","ssdeep":"","tlshash":"0c8124b0bb8d35ab0e0e21145b1f60cd927ce43a085949f6ec9df1321468c2e977ad6e","size":3883,"data":"","first_seen":"2023-03-07T12:01:36Z","last_seen":"2026-06-07T01:38:16.121757Z","times_seen":3331,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"334149adf44476f28bfbf16c7b0382c2","sha1":"ad2ea246ebb53ed655ab50d44b33d4d6f942387d","sha256":"6d2c0a450a04b5d1492f77d7e512fe6af26e95c2feac596825f45e71b9ffa4d6","sha512":"0f9d66a68e400a2499cc1dbd79331892e9e62e278d8b4784e354b7a281c91fcc1401eedb0857ff6911d842ea853d39081b459fbdc0e30d927ee93b5ba1ecdbea","ssdeep":"384:hpI8XyWPbWeAExXqgxH7RqzGbcQdVzxbUm6HwT9eei:LbXdyGbcczx/6QT9e1","tlshash":"f25285ce7861b0a757e320f0805f4a0fb2b6552a754d84a0f660e9f66db542e8733f5c","size":13638,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.11665Z","times_seen":1178,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.4/index.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c51f03d35129d9d1a9da65b24cef7fa7","sha1":"1e1d550d978378980dc3aeb60012da86c2355c4b","sha256":"339747e3a960dd82946bb6b06fcf1dda76b9ee786a337726b535a1d86d6b9c0c","sha512":"8c83157d1a2d4bacafc89ed01d444551151772f1119272c303ace71aa12b6f1fba29da8c9597e2a9baf670c93768286a405a70186b92ba5aae84554b9123c1eb","ssdeep":"6144:K4lrdS1Vqp5xb+XzxEXdUfM2Z0a54VXTnDBHiSuLx8isMZg07LQi:7vS1Mp5xb+XzxEXufM2DEDVHDub7LQi","tlshash":"04c41b8d72c1b5314ba36070503f250bb33b299c680980dcb679d8ea6dbd949526ffbd","size":585656,"data":"","first_seen":"2024-03-05T16:56:16Z","last_seen":"2026-06-07T01:38:16.197412Z","times_seen":819,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"32e2eb91e6ed0512057b2ad1e6d1b242","sha1":"27809df1b99a4b81b6b82ba2985cdd4b1c8bebb6","sha256":"e8707a396dd2f8d74eaaeb2f784074a24d7a71cbe15dcc70297f726b31c160d5","sha512":"0ab7b445b586dd27a0aeb72396350982783129c9ba028ba1db847c9d2acc0de9c90c3c9636e76a21553fedf81031220f3676ea64bf7336644c04da33d744563d","ssdeep":"384:UUcnX3xpR5tumD+EaKGZRpqB1UdEPQFWmexTMCJ:7E3jXtuW+qGZK1UCP5mqMk","tlshash":"01b2c7ddb581b03547e326a0412f250bf27b358db44e8498f269e4d52cba85ec42bf79","size":24822,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.190705Z","times_seen":1171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-vendors.42f07336.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"bdaaed4e9e1d5e0322ea968e6f47ac0c","sha1":"85c58af8151ed5badcdca952295e8c6e7b3e1e15","sha256":"c9634af5f9b16a9f44d78311163effd76467a2441f744859c96fc066a3b58aa8","sha512":"e23c153981e588a4d6b99c8341da319ce7e9bb16036ff952a8a469910640505b6e7ee7bb9e6d06dc59082f537053bb46cc8d800b82de8a730abee7d743bf03d5","ssdeep":"1536:qJuH03+0goh0dbU2Q+39Ya7C5x+eccVdofh3q4A6R:qJuU3bCbU2Q+3MXccgpE6R","tlshash":"0553e788f2d5b070439771a8402f610bf37ae959b44d8498f625e8e1bdb8dce546bf38","size":65536,"data":"","first_seen":"2024-04-24T18:56:38Z","last_seen":"2026-06-07T01:38:16.213296Z","times_seen":803,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.13.2/vant.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"644f13180f8d398c886f534b07044cdd","sha1":"2d3349d384b50a385ed0b0d84a256be60a1e2201","sha256":"f5d6379be3cba230a20bfd8bf264805de16223e0aa0277c0fb68c3c0751acff6","sha512":"700886a3c2a288eeadeec4b09884566eecb30f2530259b18a45147f07a02103fb94e144ed643f690de26e8b76119aa639f210c0d687cc957c82318be053ec72a","ssdeep":"3072:XuhzovpPNdJ+fzFgMxnnocXJjyv7mF4Betr1G661LlS+b6aNSnIum/yXN:+hzopC0TmRQBPSWyd","tlshash":"0b54d78ab1c5b425079770b5403f110ab237298cb81a84dcba79e4e66d7ca5ca13ff7d","size":279653,"data":"","first_seen":"2024-04-24T18:56:37Z","last_seen":"2026-06-07T01:38:16.166644Z","times_seen":950,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-9c1c641c.471bd454.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1630e44870c051f166fa952f722d4725","sha1":"bc968080544a2e59e8e026de0abe54359d28e39d","sha256":"6c95e0a7e350c2c80e72c4240857bec35219ccbc7ad3fc34d61290e62a7c20c0","sha512":"a45ad5fc2885dd1e50f162373b8dd381440eded0a0ec9907082e5c05f0ec84ebe51874bd3d3835a1b53995f552adcb05f9007d845adb0c1e3cc046d2237966b1","ssdeep":"","tlshash":"7811cb4d39a5b1133b2b64a4106f72889de7218639bf6c91d164c4909f7258f116bace","size":925,"data":"","first_seen":"2024-07-16T23:08:15Z","last_seen":"2026-06-07T01:38:16.12941Z","times_seen":631,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ea671664a4781158f00958fc37fff43","sha1":"85da357f6e79636c538688e45ec51d157c6294c6","sha256":"e7f9727d063ee11e78aa2edd32d0a142fb798fb7154bdae1fcef99a637c1c1ef","sha512":"1314bd9f0c883f518cf680dddad1098d2792ae8d8b55b9eb0c797daf764002c67b2112665fab030db9ddae5ea891513ed240c143bcce53a66f0e8b785294833e","ssdeep":"","tlshash":"ac21a42c2d5babf8930338b1a032c65068f8e51ff114af0677ae0fd04b757ee8918824","size":1301,"data":"","first_seen":"2023-03-08T23:52:18Z","last_seen":"2026-06-07T01:38:16.235306Z","times_seen":843,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-07T00:50:12Z","timestamp":1767747012,"ip_dst":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"172.18.0.37","port":41132,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-07T00:50:12.173857+0000\",\"flow_id\":1112163221732688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.37\",\"src_port\":41132,\"dest_ip\":\"180.178.44.100\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"og6y7c.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1175},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1654,\"start\":\"2026-01-07T00:50:11.818512+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/lib/flexible.js?2222","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1572c9446821f8b1dc1136b64b44e739","sha1":"6a786ef63db48581f50e85601ef4a3effe8bf095","sha256":"264ef2e4767a942ee634794619d94edbd7da642cb79277c16b974cac9795c246","sha512":"4283dbb16b94c7db39673fb92808835e7f2ccb34f64502d0524cd571fb28e91c82abddcbf1224d4b83c1fb30908c96a4d16b604b22ef0f491c2bdf2d00213598","ssdeep":"","tlshash":"5b81322806e322361e2330348fbf210539728067055ace447d5ee79e6fe4a654ef6bf5","size":4065,"data":"","first_seen":"2023-03-07T12:58:51Z","last_seen":"2026-06-07T01:38:16.121288Z","times_seen":857,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/lib/jquery-1.11.2.min.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6355f3cc28006e33bad2e765cde30e0d","sha1":"909cd6318d5047f3c8e83528253b256981394414","sha256":"39eed2d24faf4985b922b64d078f106edba6b3b84d5385e483a5c7bd69201da7","sha512":"b22d3868a7b311f82bb149f8afccee03c68dcd5e7152a061b8e18d97aef794b106dd1cc081d49f4d638193924ffa5885239cf67152fc339ff0cf3cd1d194d175","ssdeep":"1536:0Hg1kz+hAmcGmVFnlkFybx+amELolY+30k1dml+BQZX6YPnrCtn8JkDnlwMxVW2:0HDdc2F3c2G7mIW2","tlshash":"13930add76c2b06387a720b9506f550bf276599e280c4440f268e8fabc7ca49a137f7d","size":96382,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.127956Z","times_seen":1822,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"622c4c9d5dc4b1ee29a2eb908186ec88","sha1":"491753a3f979f7d180af11e1929ffff85e30f921","sha256":"794d1c7ab27be77d366e0497e641488e50f5ae6581b4db51cc08de1e142eb47a","sha512":"2b2485006e3a36dbae0d0d8488ab63ae6085c34d5a6f72c3558c52b492294c157f67ce47c1c3b89498db9ff72f748485fedc04a881f1877f903cfa0df1c8be8e","ssdeep":"1536:PLFpwkiSucuVH8MBfaQQ979S17LMgRCSRjMbEjeb6Gt6UQ:PLbw1Sucu3Qw8gc3gk6Gt61","tlshash":"1f93618cbec6f06642636675413f900bb27a1a86745f89d0e12ed1e4bc7c98f413be6d","size":92050,"data":"","first_seen":"2023-04-06T20:58:39Z","last_seen":"2026-06-07T01:38:16.184989Z","times_seen":1466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ac19265b38d14235141d184bca54d9a","sha1":"c725eb5a33d093e331e25c3a5ef1272b0f1f648c","sha256":"e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e","sha512":"6476ae51cfef0724ba254cff1e5d68f2cda477840954b01b933f1c9608ed6ca5094fe006d5cef7e5a32d54b25fb4a418a3e2c3eb642bcafa0d6bebaacbeac21d","ssdeep":"1536:O/pPCitsufJthaK85kqzOAkRlojU6tU8r5MhkhGllpcXvH7WcWUKcOqylFE8BtOa:+JthJkOAkaRaaGl4fH7WcWUKcOqjtYD","tlshash":"2bc31849b35071e551e72256539ed601a3b66845b90ac0a831b2d8d7acbce8c03bfffd","size":128745,"data":"","first_seen":"2023-03-07T12:58:52Z","last_seen":"2026-06-07T01:38:16.149761Z","times_seen":2386,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-26742610.878e04d2.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ab5cadd39b8e2c9a97682bd6102fbfee","sha1":"bd9537b4dee413e52063a6440e5de6cfaf4b26db","sha256":"e61d3ce051b4bb715c2bdf39cd9c6f83d098efccd0d47ed365313107513fcf02","sha512":"1b390696384da91b9613877aae6ffde5ed6e75ac2373aa1f034052fc07642d89ae9519d650b29de82270f9687458d70811f41453334f5328d0fc5c79b556dbf7","ssdeep":"384:wGqLJiP6oxrZXHWZcQqcDk0GY9BtVoTZXHfZFrZxmRe83UEPZd0WIZo99xV0mY4Z:wGrRI+L2XrYTom4n51","tlshash":"6033961ab58be2afcc6aa052811e1930d1757fe9d025e081f734cd9496e9cb8373db6c","size":53078,"data":"","first_seen":"2025-01-10T12:51:25.901568Z","last_seen":"2026-01-18T21:42:14.157915Z","times_seen":128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"17e942ea0854bd9dce2070bae6826937","sha1":"434cdec1669f2c6c7406297a72120936bc56ed52","sha256":"72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26","sha512":"3f0439fa3817c71a6b34673cd32707137b29823e93b8389e1deff24e46c427e5396a897b753ba98bfe156f01c7ce54155bbed56f418b388b22622807802e6f72","ssdeep":"1536:1UXY7qLtpHt2Pqe1mZ8I6H82RaLiMBlo2VV2B/S/g:MYeJpN2yefjMBlPV00/g","tlshash":"529308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","size":93675,"data":"","first_seen":"2023-03-07T01:18:07Z","last_seen":"2026-06-07T06:57:21.991128Z","times_seen":4056,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c019be63e713ce6f2aa221c0df8fa0cb","sha1":"e5471888945144f233714d470959059c010eb667","sha256":"87e6aba4bd25be4196ad7f269a62de823242abe105df538f218d4e6e268f74ce","sha512":"6ca3ae5fb17dc20a2c27d4008454feb7cefc626bf104252354c1abd0977f73a315001d94293a7d4379ecfda6ba21d3f49a992f243a6f9249c935195527d407be","ssdeep":"384:BPdUYakDlUGQrDQxMQ4rJaT30WCxQI1cg:DUYzhUGmUMQUX3","tlshash":"cea2b7c6f56270270a9260e5183f1107a33f241d648d855df2d6e8ee2ebdd8e91a3f39","size":22805,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.100935Z","times_seen":1153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0a01fa31e644ca44836356a172ba7c9","sha1":"e81438a79e8a7f34423168c70696cff2a820dbf1","sha256":"840ea076b43dbf564a909bb082dc287740a96f3c4483fcc024f7176306daecc7","sha512":"a18f9c600996f8f31c046e80334cc794efff550c2286bc822ba7bbc197d99e4ce5f032133866b18cb9743a717b76e578cdb2a9fb5f6ebe42614d08ea1ea2e47c","ssdeep":"1536:XFWQV1ZGORGWiB67hAHLY/IyYT3uu+OLFckh:XFW8tG967hAHM/IyYT/Law","tlshash":"5853e8c5f46134a213e7a2b582bf11032376953a640c85b4b798dcf98d7d98c532bf7a","size":62797,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.117219Z","times_seen":1156,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/app.3bc2ea8d.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f6fcb9b7081abbede07a83416549ea3","sha1":"c9c3ef214c1d679c8ecae9a0dcf54835978ba91e","sha256":"6b865cca4ede8241bc24d8b6aab9ae01fe29ca5cda9297c96941e047bffbf870","sha512":"173ac2b09f387a3bdb7b0faf240ed0ed73cf6c398cfdac6a7d76d2d6ddc7ca1664ee79272d457b5a18fc3208f26e73cf434df7e46415c7b9c0df1b03f3195eac","ssdeep":"12288:f7QAf2i6qF4Du2XKkd6lX8I82S11yo52ZQEQn1+paHilDEFn9ogO/xXVb23xHuzV:sRQiOuAM578","tlshash":"bf258c9832de76b61193c856204f3a2ca0661eb6f245d0c16c76ea8c12edfb19533f77","size":1025499,"data":"","first_seen":"2025-03-03T23:57:52.357823Z","last_seen":"2026-01-18T21:42:14.356722Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-06ae24a4.686330fb.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"676e3a2df47d8e40c29c2d1a67127eec","sha1":"e54e8144ef939162c151a843933a98ff020a2641","sha256":"6499fae751b066d09b0d93a067502c15d6fecd5b460c7f5a981dc1fb3b286fb4","sha512":"4314d28a687dba60202a2a5974ea1b39b02a45a2fea359503396553b4bf9c1eebcc4168357fe2e43875ddd2e61c2af72b926ee6a61bc978fae9474a77de421bb","ssdeep":"","tlshash":"c0b02bbe2804790808bfa0e4300b33d8048301003f711ce507b020902b74e8e4303a4b","size":129,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.159335Z","times_seen":840,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-586d3a0a.642ccb5c.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.525Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-586d3a0a.642ccb5c.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-b66\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2918,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2918), with no line terminators","md5":"8b3565a80309c1c7f27e0907f0c7e6e9","sha1":"f4a368725d0259c94747b402360a2277212d7fd6","sha256":"20bd1ca6e1b5fda1b5b59b1880e07a12f810d57d09a817367f9423e6b0483c8c","sha512":"d99830f0d631053097a4ac9d52a07a070603135e5216c273848d9ae91841a6a4f63d2344f18ec7ebd96f85d41e03e630a2810e416b2b00d954fb863c37455914","ssdeep":"","tlshash":"9651980d7483f97505e6b1d0542f3653e22829d49125e041ffb0c6d4aab4adf5936e2f","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.10787Z","times_seen":807,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-6e4f04a4.b5b06632.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.744Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-6e4f04a4.b5b06632.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-13a5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5029,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5029), with no line terminators","md5":"1f64a4dd650fd3886e5b07b635ef4396","sha1":"2d6efe25ef9f27bdee3cc815608a85a922646ad2","sha256":"cace7cdb6c61f09be8915ca4c5cb63a2c69b83fa26ab8b5e6226b51ceea5918f","sha512":"3caef58465c39a5396a847ef4712731d0bdc5b52500c522b6410fc1b041762bacde488d86a579cd213dfc312800599199145e2ee2c583d458c2c373b5cfc5ef4","ssdeep":"96:mbAxCrPwsEiRiRJK+H19mHRMR4RMpBGhBfL3U2xK7q5bCS4M1qMreL:mEs9QzYMmMihBj5xl5bCSMlL","tlshash":"c1a1c9c8a5e5acda07a392a1503f31d5b212d11564337482fb71cfef3d6e6d60902b2b","first_seen":"2024-05-06T19:02:51Z","last_seen":"2026-06-07T01:38:16.217427Z","times_seen":720,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-b81b8d9e.02f3c05f.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.138Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-b81b8d9e.02f3c05f.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-11b4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4532,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4486), with no line terminators","md5":"64ef56df50b9cb0331582bc6a51c1d28","sha1":"26b411f8628bd94d9b0a74b60cf88fff87a6c184","sha256":"f0b2413e0c954f8b31c7a6a02c40c1a77683cf5305d30099edece4da2d24bcbc","sha512":"94d416b4c32e9c687303dfd1c4dabc2e0a5dd0489eea0c964158d724385491c9a884837c064d50931f653aaad6cf152a5f37faf7d4a3413494a4db2c19d2850a","ssdeep":"96:leeZ+Ac66Rt6qwe6yU6d9WCuqk6SjkcWpbu65vOn4SniOLv8k/KCR/Kl/Kq3NK+s:lfZ+rVWC+jkJvTSnp9","tlshash":"1c91654972c3f5ae457be221843f262af1693a95d815a581af30c5c07824c39b339eeb","first_seen":"2024-09-10T16:42:51Z","last_seen":"2026-01-18T21:42:14.176934Z","times_seen":205,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-d646062a.b702ae45.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.322Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-d646062a.b702ae45.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-139d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5021,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5021), with no line terminators","md5":"f271f4c8af58d5f880409e37228914e6","sha1":"99dbb0a93a7d68e349d6d7a630e504a3e4502dcb","sha256":"a8426489a32da765bf60f13c8fde7f581bc961a2e4792a8773151f2259c6ff60","sha512":"14cc145578eba23d4689790f69fd6ee440653f5c238d35ca9f88ba0ed133180d07721f9a616ef1c4950dfb3f8a1863ff5369e762721a48902111cedaa631d0c2","ssdeep":"96:jgRBcxo2PwsBiMiR0uK+H197HRMcr4RMhYFq6gNB04uom2xK7q5bCS4M14rMX:j0PzsoFyYPMcUMhyu04xPxl5bCSOrm","tlshash":"30a1bac8a6e5acda076352a1503f30d1b312d11978237482bb71cfde3d6ea850902b2b","first_seen":"2024-05-11T19:59:42Z","last_seen":"2026-06-07T01:38:16.20891Z","times_seen":718,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-fb459430.6a86a8d0.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.518Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-fb459430.6a86a8d0.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-37b1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14257,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13991), with no line terminators","md5":"e0896caee41fd2b5c18a1a1ece8d5eef","sha1":"41a0de622fedf52315e0a4f62541c73f18ee7ef3","sha256":"a7a9094befb4167c4068cd80039c8c781fa539da1c4ff740e2504611a601d2d1","sha512":"ce4e07d449b61b1b01b5561aaf303f6ae7ef4a05adf59e6a07b323011af191961aa33f16511ee5728a42169ac2d6269799e99bbaaea1b7bc3d8fb95a85e37be7","ssdeep":"192:GYdkQ2uE1tJS87BmQzmvH/CCoblLZ+Se4:GEE1tJS8FkKdWSe4","tlshash":"61528654b487e6afac6e9522411f3a35e1312fe4e026e043bb34c9d05da4d7c272db6e","first_seen":"2025-04-07T11:12:04.222332Z","last_seen":"2026-06-07T01:38:16.130899Z","times_seen":531,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-2232cdce.9ea87d6e.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.163Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-2232cdce.9ea87d6e.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-2a3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":675,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (675), with no line terminators","md5":"1c45f5d00044828f6731d3b19fbb5d20","sha1":"a54da32a2c9a2cf722946ba08e0dfc786151f32a","sha256":"8dab559fa7fd40bddc56d28a07aab471b6269e17c14689034f08da90989d763e","sha512":"6125f075397f81677d3892e739def54516000c968acf3df423728a673897421695bf0e00f91c95b81e914b0c2dfaca1cc0fbee7df77e41b4deb39b869ef1a5f5","ssdeep":"","tlshash":"ff017b2bf08c0655c432c0416ad41eeb802f752262118ef68d87bd65be8b347e448646","first_seen":"2025-01-10T12:51:25.86171Z","last_seen":"2026-06-07T01:38:16.223428Z","times_seen":548,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-9c1c641c.c03e3305.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.350Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-9c1c641c.c03e3305.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-11bd8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72664,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"080534fb961d2addb8f5659bb6536539","sha1":"9e638630b9a766249daf5cf2094256fc9799c3bb","sha256":"1b83291aebfdf0cdf5d45c3f568acdd31797311b1ba207d3b72a99373981464c","sha512":"ec88de372468c4b5777e3e137e26b64b0c868141f59855f99f0fd377ecfff4ab0efe8e9330c776b9c99c7b55315061588f3f1b814dfed1e44b200857dce3693f","ssdeep":"1536:G81LeLxbOjU6prVTG1Bo35sCe0MXePDsHme:G81LJU6prVTG1Bo35sCe0MXePDsHme","tlshash":"2e638472f991261d71178664a19576e85b3bf012c2421ff9f02a7b358fe72c6372238b","first_seen":"2025-01-10T12:51:25.845055Z","last_seen":"2026-01-18T21:42:14.182845Z","times_seen":131,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/cfg/202512/18/b05b53576852446080fef70f6762204d_.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/cfg/202512/18/b05b53576852446080fef70f6762204d_.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:14 GMT\r\ncontent-type: image/png\r\ncontent-length: 86811\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 03:54:39 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zkXZWZwpOUgTSfxj0Bivw807ywnGl4umXqrwHEVWquVCSGQl7nV8qQATGZiTP6ChYQPugLaZBSlF%2BrCY6RNHMtjqwwUK5coMUTHqWkYrfctMiJsEF%2BDW3w%3D%3D\"}]}\r\ncf-ray: 9b9f75ba1f68120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"8e88821bb1dac647065b32143d790ef0","sha1":"01ea1c3b276898ee3348eaf65979d12cb989052b","sha256":"c13cb4b58d8680f6308f8fe40cf28e2ac9bd1243a01b0aeb67a208a44027b9e0","sha512":"420eba64061ffda0c2401ce9205a6f82b564dc1c5cfbfbc4e07576066fbf807f41fff486ab4eb0e392cb0f847b79cb504dd16f5d55ad1296d2d383656377872f","ssdeep":"1536:VMCAVk8EwI65Cpg0WW7IZeE38Je55Eea7DWzhGF6Nk+D4zXkS:VMdkgfQWW7Qn38OFaMzzD4zXkS","tlshash":"4d8302c9c88655015e1633cce252f5e0cb0eea10ea35070ec59ef89a4feb136dbd6583","first_seen":"2025-12-18T19:47:47.598607Z","last_seen":"2026-06-04T10:55:59.54671Z","times_seen":267,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":41,"dns":19,"connect":1,"send":0,"wait":10,"receive":6,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7qvda-lhfrug25l69s0e","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7qvda-lhfrug25l69s0e HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 313811\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"6fbfa4526b0402eb431b5834fa8b917b\"\r\nx-mms-request-id: fae079853e694fe3adefdc62602097ee-68df5667\r\nx-ser: i2315767_c11460, i1935949_c22759\r\nx-cache: HIT from i1935949_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":313811,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"6fbfa4526b0402eb431b5834fa8b917b","sha1":"717cd2a5e2f497c9770b53235d859e1bbddfe9e9","sha256":"c98794427ba7cc492fa22229a9349497448142bf989aaca726f6847d6ff918be","sha512":"4bf54449c53b5752e118f4790477d5ee261d5b78fd64199b8c59efdad8523244e07731fd53ae8d4d2b78ba2d616e2f3d69fc1e40a2a436d50923eed4e0f8a291","ssdeep":"6144:WR58bLfffZHaZZNDdVHB4BIEDPBo8i1Qf8PszqvVoaa1ozfVPjO:E5GZHaZZNnHB46EDPyS0SqvVoXoxPK","tlshash":"9264bbfd1aa4ffbc7fc843ca789ccfbc682212397c6cd61c0615945eaaa8912545cc97","first_seen":"2025-08-08T09:27:37.361983Z","last_seen":"2026-06-02T13:15:00.932425Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1421,"timings":{"blocked":637,"dns":110,"connect":35,"send":0,"wait":120,"receive":38,"ssl":474},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-e8d5acac.c6c9a35e.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.079Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-e8d5acac.c6c9a35e.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-208\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (520), with no line terminators","md5":"0aa99da893d97d2ee75b3f0641966e72","sha1":"281bb879c04d2837ca5cd425d28f7a74731a95cc","sha256":"98a2280b90f3147a37da96395b719e3b2f0dabd40ad15c1e023724f1740cf468","sha512":"4bc84900b182d00ef3a9a9c5e53af25c54d2ea88708cf21ec6d07c81c5abd61be643445decf3db099cedf546a5ced13b3ca3872a78a2c8b9b11009bf5665be98","ssdeep":"","tlshash":"76f050320105551c8127d43157ec2db6516cf11be17fb1c44851732987cf64219b72ec","first_seen":"2025-01-10T12:51:25.885493Z","last_seen":"2026-01-23T14:09:19.550365Z","times_seen":190,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-06ae24a4.686330fb.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.321Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-06ae24a4.686330fb.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-81\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"676e3a2df47d8e40c29c2d1a67127eec","sha1":"e54e8144ef939162c151a843933a98ff020a2641","sha256":"6499fae751b066d09b0d93a067502c15d6fecd5b460c7f5a981dc1fb3b286fb4","sha512":"4314d28a687dba60202a2a5974ea1b39b02a45a2fea359503396553b4bf9c1eebcc4168357fe2e43875ddd2e61c2af72b926ee6a61bc978fae9474a77de421bb","ssdeep":"","tlshash":"c0b02bbe2804790808bfa0e4300b33d8048301003f711ce507b020902b74e8e4303a4b","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.159335Z","times_seen":840,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-dd580cf8.ad4909c6.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.324Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-dd580cf8.ad4909c6.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-175a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5978,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5874), with no line terminators","md5":"427c56710f73925610ee051dc5dac663","sha1":"f5a8ee7e08d60ba732d993920d9f513eea3cadb4","sha256":"06dbeafa1a3d4781512e7e9694f58e994449b19a6f232ffe412d7b7ced396b61","sha512":"94464dd7ec342cf6b067bd078d9ee1c7d1ea8d902956e99fadf0d29ed2b1d4e09297b949644eb63794488016d4fba9c6997af6c0e0f570236c4476af114020b7","ssdeep":"96:/sEOY7KsUtzogo0o+oud1CUzy0pJirRfKBT2QEVsPiJ7tImP5MyL:/L+zJxzDjnpJirM2TVsqVxL","tlshash":"a5c18748f1f7e66a847b6061802f1615f1327ee99821d002bb38dae07b50c7d77bea5d","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.218629Z","times_seen":801,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/cfg/202512/18/17ca713cd1e84fd7868152223de3d195_.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/cfg/202512/18/17ca713cd1e84fd7868152223de3d195_.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:18 GMT\r\ncontent-type: image/png\r\ncontent-length: 86811\r\npriority: u=6,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 03:54:34 GMT\r\naccept-ranges: bytes\r\nage: 6626\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rp7llcmSLzTKkxzJtq31YjhzObfnXeP1Lst1JT6%2FJHdXbTyJfXO11H%2F9fkYovYhhLBLCQlRxdo4J1Ah7gSqwG9hZ1h%2BqlDeAm17RL29a%2F7RzYZzAT%2Fo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75d2e93b56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"8e88821bb1dac647065b32143d790ef0","sha1":"01ea1c3b276898ee3348eaf65979d12cb989052b","sha256":"c13cb4b58d8680f6308f8fe40cf28e2ac9bd1243a01b0aeb67a208a44027b9e0","sha512":"420eba64061ffda0c2401ce9205a6f82b564dc1c5cfbfbc4e07576066fbf807f41fff486ab4eb0e392cb0f847b79cb504dd16f5d55ad1296d2d383656377872f","ssdeep":"1536:VMCAVk8EwI65Cpg0WW7IZeE38Je55Eea7DWzhGF6Nk+D4zXkS:VMdkgfQWW7Qn38OFaMzzD4zXkS","tlshash":"4d8302c9c88655015e1633cce252f5e0cb0eea10ea35070ec59ef89a4feb136dbd6583","first_seen":"2025-12-18T19:47:47.598607Z","last_seen":"2026-06-04T10:55:59.54671Z","times_seen":267,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/vue/2.6.10/vue.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 30769\r\ncf-ray: 9b9f75aafe6a5694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402c-16deb\"\r\nlast-modified: Mon, 04 May 2020 16:17:48 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1806679\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=eel50WGBxdZp493gxf2EOYcX9p2AbyrllNVTKo7FLNJWe8dsckJ6SYRN7baFAuYI0y1Q4%2BLTsOewvO9K5K80IvpkBpoe5JQAv6RjQ8JD6TjW88ZyhsbbG4WQrxh0HVSFGdtGAwwx\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93675,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65449)","md5":"17e942ea0854bd9dce2070bae6826937","sha1":"434cdec1669f2c6c7406297a72120936bc56ed52","sha256":"72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26","sha512":"3f0439fa3817c71a6b34673cd32707137b29823e93b8389e1deff24e46c427e5396a897b753ba98bfe156f01c7ce54155bbed56f418b388b22622807802e6f72","ssdeep":"1536:1UXY7qLtpHt2Pqe1mZ8I6H82RaLiMBlo2VV2B/S/g:MYeJpN2yefjMBlPV00/g","tlshash":"529308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","first_seen":"2023-03-07T01:18:07Z","last_seen":"2026-06-07T06:57:21.991128Z","times_seen":4056,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":15,"receive":1,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/static/customer/kf.png","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.700Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/customer/kf.png HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: image/png\r\nContent-Length: 10556\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nConnection: keep-alive\r\nETag: \"67a4aac2-293c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10556,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"f7d80a98f6b59aaf05ab54c405bffe89","sha1":"db5cfc26f716a362d10f81633934d9f01c523ae7","sha256":"ab41101111ba6bf6ecb5ef0aa35ae339cb7b2f09517eff9914dd69c65271ee03","sha512":"03bc2ef07c105a6562ba3bce8a0040db8a5f5efba951a12d19bc2d42b3abdb16b1f20ceec2c789ba5614d3ad07e926ebf293edc66ffbaf92b867410085a3bb47","ssdeep":"192:qX/4hute4ReiK/MhLbtUNdZS5eYQOZj9TND1UQBIJg7G5bmVaGal3a:w7e4vKENEZS51N9T3UQsgS54cK","tlshash":"ee22bf736860bb28794b3ca93fc9d55109c5bd24cac3c214956a92617cbaa9037df0d5","first_seen":"2023-05-03T16:46:37Z","last_seen":"2026-06-07T01:38:16.125254Z","times_seen":774,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":66,"dns":0,"connect":0,"send":0,"wait":176,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-63cdb844.6c4522a5.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.867Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-63cdb844.6c4522a5.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-2ef\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":751,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (751), with no line terminators","md5":"58217b61dafa74a37f7b9625eda26e0d","sha1":"3cc3873907a33a9589e3812cd22ff5dfb3f0c1ff","sha256":"9aa0015ae624fc8bc9c375d363e79b2255cc715cab95c4e7d96816f38b89763e","sha512":"ded4365ce693728154db0eca06a597913741749063b205ed39801911d070ca290858735080c3f9bd039ad41d021f8c7be5a65318651f1bcb2a737f5f826af142","ssdeep":"","tlshash":"0b019ce8798c01177db3c7ec787828e112711a3390818fe2597c7470ce8b5b522b5b9a","first_seen":"2025-01-10T12:51:25.873536Z","last_seen":"2026-01-18T21:42:14.145839Z","times_seen":131,"resource_available":false,"data":null}},"time_used":687,"timings":{"blocked":502,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-ea10d27c.3f957fea.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.099Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-ea10d27c.3f957fea.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-fd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":253,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"86eb66b3c6d53d42ebe6a71244d90efd","sha1":"3253262a2522f786af490caf5627567895081dac","sha256":"59400816d68cb071f60a8e22fa661be479c8bc9ec6d8531edb2776e28c20c1c9","sha512":"03057ef3c371891e0166ef8f1c13a493ddf42522c43d51a1afd00ab1f555473638de5abe18348ffc3ba5f356d5c84ec672f57c5edd942f979649ba994e50b2d2","ssdeep":"","tlshash":"46d05bb529585075b8ffc9aca8170a6c4254a357da8107d0972184558d570562010d55","first_seen":"2025-01-10T12:51:25.844077Z","last_seen":"2026-01-23T14:09:19.521609Z","times_seen":191,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-ebba634e.e41daa24.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.100Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-ebba634e.e41daa24.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-206\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":518,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (518), with no line terminators","md5":"1cff30261d21415f988a27c746136d7d","sha1":"250599fd8cfcce855ba83d23054e5289a43901df","sha256":"7ab6e1e006ffa59c7345873208908764abc61e8213beaec8ce3d6a0c142ccfbc","sha512":"30cc2c24424146d420da0cbbbce544109f0b5957085593f541708bc1ee92726874fbd19b3349d62eb1d551ccf161c9ce52027e095ed6a7000a5341b42c2d538e","ssdeep":"","tlshash":"bef05927a2912704c137dd2027642b97c181e13a991e61ed9ce34716cbd3d421beb2de","first_seen":"2024-03-05T16:56:17Z","last_seen":"2026-06-07T01:38:16.130392Z","times_seen":756,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-1f95804d.fc9b747b.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.728Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-1f95804d.fc9b747b.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1080\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4224,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4195), with no line terminators","md5":"9793b5efd41baf001ad7f694d3edb5c1","sha1":"edde1bd1c1bfb2c59f737392ce2af84cc1ecf255","sha256":"6da2ea41d49f58cd7b830e0fb592a029752807a2a77beb716203da7374833236","sha512":"e3fbd8b683a179c9844c68464608bb3f122dc2df50311c0a62a77ff5dc2053862f9f92a8457b9db1767b6a1712bd0b3f75e52c508ec56e4c2c5e0cbd5bfae548","ssdeep":"96:bTiMK8MK17G2myCclWE1KY06NNlU4nerWU7AFpM6W:bD0yCgKYXN7U4erWSAFy","tlshash":"a491844cf5c7f1a257a764b3801f196af1656dd498065a82ea30e1c17e28c78233feed","first_seen":"2024-11-21T12:34:27.395266Z","last_seen":"2026-01-18T21:42:14.157173Z","times_seen":130,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-c3857480.68316024.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.141Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-c3857480.68316024.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-31be\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12734,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12674), with no line terminators","md5":"19591c45b195158ab084519bd844cd60","sha1":"28603d2fb7c21da63fe9c56216dddfa28de84ccd","sha256":"00ab6eada5a0f3e4964fcc6289062ef3a22160878e2cff6870b9772209e63a42","sha512":"0e9d903c0688c4af325dde8c187fd8a07ced0a40080a92f37b4cdd85a2283657f1ab89c56c6aedc7a66fbf574bcef13811ab754d1f53040edbee2755e8991951","ssdeep":"192:LgHC1ukE3sqX4xZTiutoPS6X4rttv9Hgu7OFfi5h:Lgi1uANfOP6kNi5h","tlshash":"3242c88871c7f4aa49e2b022103f3795f1763ed5681ae817bfb4c6d1571d861222fbb8","first_seen":"2025-01-18T12:14:07.075374Z","last_seen":"2026-01-18T21:42:14.314349Z","times_seen":128,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-f045b624.6181ab51.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.516Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-f045b624.6181ab51.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-dd3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3539,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3501), with no line terminators","md5":"554a2852a05af8553e8e9f6cbf2b5132","sha1":"1206ffd47ce7ab7de3d8f0229614d79219600aef","sha256":"49c61b9fb83317412a6cb9cda4815f38c69ec4ee61c95ccf42aa9facf4ad9a0d","sha512":"3f040fa363895bac88511a58016662b54d0604381c735f901837718ef05b336dd814e7b9fd9850491841b7e5b89e1a378751a1921894ea21f1fb51625e41d813","ssdeep":"","tlshash":"04712204785beffdcc568051582e2731f1653fa9c436e082fbb0cbc85a909b6576db29","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-06-07T01:38:16.1758Z","times_seen":795,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-51454bdc.4a19b0cd.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.475Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-51454bdc.4a19b0cd.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1a8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":424,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (424), with no line terminators","md5":"63768b78762519cf4603acfc48995bcc","sha1":"9ae9769aff89008916d2414ff344a472fc9ff1d4","sha256":"8e9d60e3c5870a07de8d82ab712c318db6bf50dc2a1a894f8480fd8b3c425986","sha512":"23b25928c3fa699712bacc374c0376a3330f8737ae2d6a7620183280df2c836f45ed1e3ab8bd27cf6a8c04609ae7c5a1dc69920e5ec96c992159c77ed43ec0c8","ssdeep":"","tlshash":"cde0e561364d6d22b1ead1925354238f1e582be7419022b7cf1ee4b6db5f460ab86421","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.102241Z","times_seen":834,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":112,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7qvdc-lgj2dq2qztkx91","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7qvdc-lgj2dq2qztkx91 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 188985\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"afc1658e92f64715cc212c551c4c16f6\"\r\nx-mms-request-id: f106dfd0595c4aa1942d0c59d20ed4b7-691ae230\r\nx-ser: i2315799_c11272, i1940231_c22759\r\nx-cache: HIT from i1940231_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":188985,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3","md5":"afc1658e92f64715cc212c551c4c16f6","sha1":"e3f6dc29cb0245a52ec40a633981ba02d030d831","sha256":"6e694d810e65737bb1d009c75f9fff1e50e1a185dc866f39b8475ce82efa7599","sha512":"e99c58397f677cc31db17d55c7f9067716496db366215bd905f7edf866e8b07ed1c9bbb8c4fe19da2195dd09f5eac8ad17977a440cb18830d38d71c46378ceb6","ssdeep":"3072:0bAjPR3Su8QyB5qd7sbYryZSQJZOIfy9UAd/SAt0Smh7ECwHksfoXU:KAcWyBEd7sblYQj/NAPC+loXU","tlshash":"b20445fd9626ff7dbfd90ba5b15cef7c1e281ab16c3ec41c5980640e89402961a0cd9b","first_seen":"2025-04-05T11:26:33.651326Z","last_seen":"2026-04-20T10:12:44.599699Z","times_seen":4,"resource_available":false,"data":null}},"time_used":813,"timings":{"blocked":576,"dns":0,"connect":0,"send":0,"wait":123,"receive":114,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2d0c0c19.34f6450f.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.930Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0c0c19.34f6450f.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-131c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4892,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4892), with no line terminators","md5":"125ff31db350cf9597538aa922abc1ab","sha1":"6a5ee9c564ee56ce697f4469e6fcd2e8648b967e","sha256":"b184355349c8e7751662b720d1dcb2cf653711a979e77f39ab0cf929c60b9824","sha512":"005fa3aff982e898d6a268b9f9a7c18f32c357a9a176ad994eded793e4d6d9bbbfefdbb4b34eb863e311271ffe7f96838b90f1fe3be6ef9f36ededcf875a67f9","ssdeep":"96:R23jRDcjo2jwseP922MiR0uK+H19SHCMcr4CMhYFqLNB04uoCDpxK7q5bCSXc1Jk:R23JlHsGhFyY1McFMhyE04xgxH5bCSt","tlshash":"faa1a9c4a6e5acc907935292603e31c1a312d21568237496bb75cbef7b6eb811d06b27","first_seen":"2024-04-24T18:56:40Z","last_seen":"2026-06-07T01:38:16.204753Z","times_seen":727,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-5915ee8d.4d30f435.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.528Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-5915ee8d.4d30f435.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-4b4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1204,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1092), with no line terminators","md5":"8b5e78b24520aacf7bec8f2419e1be5c","sha1":"62903d24b0f133599f40b273d371b21fb174ec25","sha256":"2fa561a50af8cb8d65d1565fcaf942bc2639da23d62626aa5cb772cd6228e024","sha512":"ab33cdb620aef3c9474596d68774fbebd1806e85f8e09592b9160090c4ea8a24d26c8d628edcd0df2d1c835937bc6b55c693601fadecd22f7a314bed51233859","ssdeep":"","tlshash":"ca21e084f4d3f67edd2b4446110f3a30f0921ea91410a4c2b174c4966779ee5571fe7c","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.21095Z","times_seen":811,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-385c545a.3ac6232c.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.456Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-385c545a.3ac6232c.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-f2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"d215a57d93ebcae1ff01af2069948880","sha1":"79cacd45cbf0667d37ecdff1beb261415b2f37be","sha256":"78ac4ee0e05eae300b279d241d924a449cd33093ef41d3f2a2db8eca643e9485","sha512":"b8662d5cbdc28a7aac16c798416ad545f31270f86a673f4f90d7fe6b5e195b91486df11e792ce4cfbe40d8ceb06d3accf2c787d474534401c0ea02c2b96993af","ssdeep":"","tlshash":"acd09766b48c1100227ae6ab713183f484386383ee240713e237b4b0bf631e27148a07","first_seen":"2024-07-16T23:08:14Z","last_seen":"2026-06-07T01:38:16.105588Z","times_seen":632,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":196,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-3ba48570.5b9bf82d.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.459Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-3ba48570.5b9bf82d.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-f3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":243,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"b8901b3823757d5f837487ced574adda","sha1":"e78d0c3abadc1108b637c4f3fa151ababbf9a70f","sha256":"0501c9258dba83079a93439098564ba2d4f40ea059bf3409387e9c43f8114478","sha512":"07bf86aa00e47d817520b1c2d17e0946a5aedc6afa75a807bfa927bbf2735fea7953ac1c4450b87e9e5d7e880c0e993e54bae1f2b37d3164d3fca1f87a179e1d","ssdeep":"","tlshash":"4bd0975334c08b8332318ac6b102b23e8cedf83fc3d81e1a0980d2f6581318f143a25d","first_seen":"2023-10-18T00:16:16Z","last_seen":"2026-06-07T01:38:16.151022Z","times_seen":778,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":128,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/static/theme3/index3/2.jpg","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.713Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/theme3/index3/2.jpg HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 61034\r\nLast-Modified: Wed, 17 Dec 2025 16:43:50 GMT\r\nConnection: keep-alive\r\nETag: \"6942ddc6-ee6a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61034,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x660, components 3","md5":"4eb1d4f9d8f5fef2784cf9a5898e17ba","sha1":"6344e468f87bacd5dfd26329308e56bc845b52e4","sha256":"1b4ca1cbcbdebdf2fd30fa05ae3e1a9b8f18b650635cdad630f8307b038075bc","sha512":"298574155edcb123d49b49e1a1a575642d0dc16d71a185f0da7beab6942cd0dc8fd940ba85d91542a96411eb82cbdbc8b295bda9098b4ee12efa1e41318f017c","ssdeep":"1536:hL9r4LzeOEUMLp8U4SZWCKp13bPo1a/S/Zc2C25PT13SFYZq:hZszFosSVm13bPoc/KZBZT5/q","tlshash":"2e5301765b81bb29e831dbb3ccc29fa0d6a1be01e3356811d1921f76176c450398c78f","first_seen":"2025-03-03T23:57:52.219475Z","last_seen":"2026-01-23T14:09:19.547418Z","times_seen":136,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":54,"dns":0,"connect":0,"send":0,"wait":180,"receive":185,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-1208543e.66b7af66.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.522Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-1208543e.66b7af66.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-d08\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3336,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3324), with no line terminators","md5":"be975a74c0a808d6e18bc308100f1a0d","sha1":"b59e8ea3b99405f507e081fdfc2ad6996be8fb15","sha256":"ba5fad0d7a49a3add3dba0c5b1d31279d314011a0938844ff1d3a5f3e143dd33","sha512":"420e469118370bf0ca743e7f89fd2ac52a0f58e7a6acc2060d6bf3446d7c0eb414471ececdbd0d9b03a52589ad7786484303f90d5c5b16bfff9ebd1035633bfb","ssdeep":"","tlshash":"8f61844c7093f4a703e69166783f3715e2b67a95d411e1146ba0c7c0f87496a232bfab","first_seen":"2023-11-18T03:55:04Z","last_seen":"2026-06-07T01:38:16.132445Z","times_seen":749,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2d237720.471883da.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.130Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d237720.471883da.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-ade\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2782,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2772), with no line terminators","md5":"921620e96be524fffd62ac1e3eb4ee5f","sha1":"511b2be8f54ff6670d29086f78c2448d8824ca3f","sha256":"246d5330e04910431a9ccba22bb57791ccdb1d0fa6322ad451b38e962fcd7d1e","sha512":"8d29e3b06167939debe0b5bfdf235a55e279ed0ba855630d81bbc352a4600378a89584cf249eb344f1369b1bbd21cc9556c748f9aa836176d981828ddd9e892a","ssdeep":"","tlshash":"ad51988c71b6f99702d28247602f078be37537184c32e4117bb2c7c4e9aa496236675d","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-06-07T01:38:16.106729Z","times_seen":804,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-72dc411c.fca47f34.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.745Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-72dc411c.fca47f34.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-da5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3493,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3437), with no line terminators","md5":"8b4ea8ad78eaf5cbe82acd657598f6f6","sha1":"11c20300ed90f7b6e8c4e4c68c82e19a104c8385","sha256":"2e5535d67e19be4bd210ba0e3b58e674d7d737d73f000ef7bf3b9d481fee4a5f","sha512":"a50781f24cdb637a2308c8cb40a300b9ea58a6352bc9418f585d3d636d5025cc2e4e55a748f4be6bbe16cc23d119e7be18dab4cadf5a74c70fc240a22b97a0c5","ssdeep":"","tlshash":"1a71668c72c3f4590a77b135402f361ef165adc0981a5d81af64d5d63a6193c732ba8e","first_seen":"2024-09-10T16:42:51Z","last_seen":"2026-06-07T01:38:16.17131Z","times_seen":609,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.13.2/vant.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/vant/2.13.2/vant.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 67900\r\ncf-ray: 9b9f75aade565694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"652e0e9a-1093c\"\r\nlast-modified: Tue, 17 Oct 2023 04:33:30 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 10104211\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=uEJnU3Fkyt%2F8Y6aNBFINx%2FQ2VXTPfp2raHQkH82WCEoo3Ry4CE69ufYIqiXzdC5xMAWakp3izHvul8IU4WgboT%2BHhTbaOAlRVmyFNSHgTz%2FKOqHWFlpV4bepRnWnP2Q0Y%2FQirns3\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":279653,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (57301)","md5":"644f13180f8d398c886f534b07044cdd","sha1":"2d3349d384b50a385ed0b0d84a256be60a1e2201","sha256":"f5d6379be3cba230a20bfd8bf264805de16223e0aa0277c0fb68c3c0751acff6","sha512":"700886a3c2a288eeadeec4b09884566eecb30f2530259b18a45147f07a02103fb94e144ed643f690de26e8b76119aa639f210c0d687cc957c82318be053ec72a","ssdeep":"3072:XuhzovpPNdJ+fzFgMxnnocXJjyv7mF4Betr1G661LlS+b6aNSnIum/yXN:+hzopC0TmRQBPSWyd","tlshash":"0b54d78ab1c5b425079770b5403f110ab237298cb81a84dcba79e4e66d7ca5ca13ff7d","first_seen":"2024-04-24T18:56:37Z","last_seen":"2026-06-07T01:38:16.166644Z","times_seen":950,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.13.2/index.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/vant/2.13.2/index.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 40107\r\ncf-ray: 9b9f75aaee655694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"652e0e9a-9cab\"\r\nlast-modified: Tue, 17 Oct 2023 04:33:30 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1496803\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=kx4mdO9mL2vXIq6v61woL3J%2Bn%2BhT4zt7FyCJbU20n9WxAT3ZEymu99Jr0orJEAumV32Gmc88D93BfCzh1xrm%2FqPqBu7zVtiBw4yvPywLSWeWYlVzfBCPt2Rk1uc%2BEgrYjVQxcjex\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":146877,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"fba0b10cfa931074254e7531f2cc9373","sha1":"eceff9fb867e11786cbbae234d0c697f0dd445d5","sha256":"7a6dee2202c1dfd3a499f873dee167942e255703859f86107d6bfc2272ea14f0","sha512":"556c2196cc479fd20fb3a1a6ffd6ce4836267b940a2b95bbcb8851d3f3a3e16c7286cbfd9d59ee8eb7ad5e3b58e3ba6d31d4ebe0cd0fd0cc2a30f1deb1ff6ce7","ssdeep":"1536:KC3MhK25tWrWoK3Unrx3WqyrtpqoSWEDZMAfP1rz12VLSV:KcrxmNH9yD3fNfMSV","tlshash":"36e3d52756c0236cb31bcd219bc496c5e224c123f5121bfaf1517a2dcfdbb9612a2b5b","first_seen":"2024-04-24T18:56:38Z","last_seen":"2026-06-07T01:38:16.214222Z","times_seen":952,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/api/poster/notice","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.848Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/poster/notice HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/m/index\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T06:05:52.434608Z","times_seen":5283,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":95,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/api/grabGoods/randomList","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.854Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/grabGoods/randomList HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/m/index\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6265,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"391861a89c35f087f319a72d2556857f","sha1":"1895854d6baf3325ddae6be772f7006a50b1cb51","sha256":"4ff2feb81d28cd224c2fddf11e2575860b1bc9ea6002e942ba28366988f4e20f","sha512":"08cf28231b7ef32e23fe278255c659fa0dbd2ed878d4745354b2f82c3d30c418f8877dfb92c04ce4fd05ae22edd6fbae156e5e1ed95106bb7c5df91ad806ad62","ssdeep":"192:eyEyAXC5lBlIaqfyvqpVjqJ8oLp0LD+3CVHdCxXV7XXziMHVemX+R+/:eyISvDnqavqVW6U6HhloxXjnHVes+a","tlshash":"2ad1134f8bd4b8a8ad80ca46501bb5ce50d97f1f92b0c78d64c29e5cc298af726dc4e5","first_seen":"2026-01-07T00:51:01.280827Z","last_seen":"2026-01-07T00:51:01.280827Z","times_seen":1,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":269,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/350aa1ddd2614651967725927155dd44_.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/350aa1ddd2614651967725927155dd44_.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 17897\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:37:54 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nwNa0ojc0rnPW3tqWo%2FgEisiweXOAJ3BeyaKpAJnLyoKxnUNkUJbjM08Awx5Rpb3d9el62XcjXHaH10V1X9rza9hQFt4%2FNcl%2BXVAbGWoXMgQp93Hn%2B0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bd286256b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17897,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced","md5":"ccdb52f73f369331db2ba88ca3db0b69","sha1":"7c3d20e3ae6725870c64d2583450f0ed00142c2b","sha256":"cfa3b33563dd12adc80192518f16bb13ddce3dce7cd99728d14dc797e18ea700","sha512":"e6c5ba08d1be468bb7d6ec4282ffc9168acdfae2cf28726ef59c2061b3e8acb041ef5d33c4c177f2757dd380dc8337563682324e5a1dc4a2825fd0986623201a","ssdeep":"384:iEkxuyiLEoHkPQsOeTHcZ//CLUPlYqyzRfshauXCcmmu:bkgEoEPfOejcwGXyVsYHx","tlshash":"9882c0967f72b5ce40ba65336449a75462631863ed9b0b03b139f82e41450bdcb7ac25","first_seen":"2025-12-18T19:47:47.628168Z","last_seen":"2026-01-18T21:42:14.353146Z","times_seen":87,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-7854e294.f3b0a863.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.579Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-7854e294.f3b0a863.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1562\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5474,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5474), with no line terminators","md5":"88efa5f564f87e621de9089cc26bdc25","sha1":"981ac655a8a0cbcffd823459cd3df95350c5ecad","sha256":"2405b79c7d6b27c2427a5150713bdfa6e11e63ad7204aa9c04dcc01d67a691ad","sha512":"147b70e6510cde45c2e4680406fe0a8518f1a81bb7eb937d57e00ce29d36e85db2b817e7ed035123f01a188e251e3fe0ac234b0aab658d2926a524e1239b95e7","ssdeep":"96:yKXWM/YcnhMUsZl3gl3+l3XIKHWQec/0M5l3B3Q3Bzxl3ii/hkG7fA8:yKX7GUsZlQlOlnIKHXt0M5lxArl95","tlshash":"3fb11133765c5118b53bd8e1a55d2ae68144fb77e10247fac85d6e30cec39832ba1b4b","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-01-18T21:42:14.32453Z","times_seen":213,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-077d4adc.6b70ace8.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.322Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-077d4adc.6b70ace8.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-7bd9\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31705,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31141), with no line terminators","md5":"5b3d985482c9e2101435b71f32a3728e","sha1":"f0cd59990706c48ea092d6ba91d3a8c9155e5e18","sha256":"967c39c6d3b7edb33f81020d4ae226df4c7cfceb6dc0cb8d1b38f5fdad45db94","sha512":"d19086984ce8fbeed4e96ea687ceafa4e3b85cb72100be84dbd0f462bf7391c6c1e140860513d6433af09a7401e5359787f99c944fcc1e94fbd0bc7e0c856516","ssdeep":"384:s8yd+4HqRh2vAF0SvRsX6Y9KRpE/YX7hc:sHd+HtFHq6Yc7Jhc","tlshash":"37e2c744f0dbf67f4c9aa011006e2a25a2397fdda418e085fb7cc8d45898865bb7de7c","first_seen":"2025-04-07T11:12:04.277033Z","last_seen":"2026-01-18T21:42:14.185202Z","times_seen":126,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-51454bdc.f548a4ec.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.325Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-51454bdc.f548a4ec.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-16a4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5796,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5642), with no line terminators","md5":"3ec0eeb7153814edef2ca2c843a6c148","sha1":"311219b2402dbe49c012be2f3032f21cb8301d0d","sha256":"517eb1f96f887ef09fd920c87c025ab8209e739971b2d8d7e9ca82be49c74ea3","sha512":"6feca234540f2cf2b137ad64d0bc62657d7f1305047c13416be74997813262308f2d4e7abdc26425548653a4884fb196aac3f990e598e2d24a2d46aba12fdb98","ssdeep":"96:xZWC6Kz5WKadEQdTfQyvTCgze04bjutHl/H+hWyhjYKD4btLDSS4:xZOtwXFYAOtm","tlshash":"5fc1745cb0c7f518662a21b1601f3008617276c4691dc281bb7cdad65bf4938ab2bfed","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.135678Z","times_seen":808,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-26742610.16a6d1ec.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.411Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-26742610.16a6d1ec.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1757\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5975,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5975), with no line terminators","md5":"b7034b9c5a91155c1218d1b43b7ccfff","sha1":"55c71b9cd7810ac2a6f74b535a29e41e3dccd5a5","sha256":"c9cb7b24272f1e78ebcbad236be97ed9c9f54c8285f32ca529ca66bb352cf23a","sha512":"6cf52e140285ea268b55b9475207c4cb741045166a7b7c98e79f1c040177a766368c9536da26abbdab59aeb53cc4a484e4260eb786bfb5700302e563b22daa64","ssdeep":"96:DDXXWaHjrWxvl3EbWZYOcXUHA43dLi/+kS:DDXXnHjrQvlUbANf","tlshash":"3dc1423378656608d02beb343ae41acc63a8f103f55313dd44026a25cfcb5d7357b6aa","first_seen":"2025-01-10T12:51:25.863375Z","last_seen":"2026-01-18T21:42:14.203885Z","times_seen":131,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6201\r\ncf-ray: 9b9f75aade585694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402b-5915\"\r\nlast-modified: Mon, 04 May 2020 16:17:47 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 10104211\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=2AAGKTlbV%2B7Xtjg7WACTuPRk5F5HVwNWDUW3%2BuQ%2BOGCrmULQdQLgxhw4ef93VGQvvgpkvK25ZrxnSMshwk2etz7D8aLi9%2FWFLX1OGSujv0A%2F3oKQvZeClg5zgPVoh%2FSPVDyBRatd\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22805,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (22712)","md5":"c019be63e713ce6f2aa221c0df8fa0cb","sha1":"e5471888945144f233714d470959059c010eb667","sha256":"87e6aba4bd25be4196ad7f269a62de823242abe105df538f218d4e6e268f74ce","sha512":"6ca3ae5fb17dc20a2c27d4008454feb7cefc626bf104252354c1abd0977f73a315001d94293a7d4379ecfda6ba21d3f49a992f243a6f9249c935195527d407be","ssdeep":"384:BPdUYakDlUGQrDQxMQ4rJaT30WCxQI1cg:DUYzhUGmUMQUX3","tlshash":"cea2b7c6f56270270a9260e5183f1107a33f241d648d855df2d6e8ee2ebdd8e91a3f39","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.100935Z","times_seen":1153,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":4,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs//Swiper/4.5.1/js/swiper.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 28993\r\ncf-ray: 9b9f75aaee615694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03cf2-1f6e9\"\r\nlast-modified: Mon, 04 May 2020 16:04:02 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1549486\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=nOVeSDVc8%2FzB8do%2FAJscXU8f3J02MhM4zHhzMMpZF1fFzNypCnZmNRDR7BcZzc5%2Be9lAgq4D6gdX4wu4m0hRQ%2Fw04LGy4A8tF9FUEqzucMzZT5WRq%2Fq%2BRqM0mBHq2nMVoBfO%2FPkk\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":128745,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65269)","md5":"2ac19265b38d14235141d184bca54d9a","sha1":"c725eb5a33d093e331e25c3a5ef1272b0f1f648c","sha256":"e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e","sha512":"6476ae51cfef0724ba254cff1e5d68f2cda477840954b01b933f1c9608ed6ca5094fe006d5cef7e5a32d54b25fb4a418a3e2c3eb642bcafa0d6bebaacbeac21d","ssdeep":"1536:O/pPCitsufJthaK85kqzOAkRlojU6tU8r5MhkhGllpcXvH7WcWUKcOqylFE8BtOa:+JthJkOAkaRaaGl4fH7WcWUKcOqjtYD","tlshash":"2bc31849b35071e551e72256539ed601a3b66845b90ac0a831b2d8d7acbce8c03bfffd","first_seen":"2023-03-07T12:58:52Z","last_seen":"2026-06-07T01:38:16.149761Z","times_seen":2386,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/api/banner/5/list","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.853Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/banner/5/list HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/m/index\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1261,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5d74d744797b9b75458701e6e3b20376","sha1":"2ba9840bbd8f5de1419a92791e3a461eb8118cf1","sha256":"86b26f6b400a9a0d07af83a48f7eeb2aaa990c12a59f674749258990f119f43c","sha512":"ba783efeb9c33bb4dcf0512010e53b312a5582b9115a88cf8cd3f430c21d5e8cd6ad20d3717eb7e502c4c40dab9a1cc569da0ff72c60e5b9a19d018682f4d111","ssdeep":"","tlshash":"a421260ac779f8f9bc1b448741fff589d878721fc0d122543242c8ac8598eb5695da6e","first_seen":"2025-12-18T19:47:47.677423Z","last_seen":"2026-01-18T21:42:14.178296Z","times_seen":87,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":157,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-7ebcf264.7f55b795.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.710Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-7ebcf264.7f55b795.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-e4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":228,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"f50f7b25d10e1011c1213d3dc964e327","sha1":"742a5a63bc41a56add9d12ec38d5970773b0eedf","sha256":"a70bf3ac1aabfc84ecb8d3cbaa65f6cb888b3f8973208634a3dd162570159dff","sha512":"954bd9158708cabe9cd26453c9d001e5f976c0c81516bad128c8d28fed0ef6ef3e61e9695040882c6427bbab49c1e2024b1744ebc594858abb6cd9946464e7fe","ssdeep":"","tlshash":"1bd0a75ebc4c70017a7bd487714042fea41867515ce44696a0a764607d435d2a199116","first_seen":"2025-01-10T12:51:25.878502Z","last_seen":"2026-06-07T01:38:16.142773Z","times_seen":551,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-7854e294.45279eb6.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.939Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-7854e294.45279eb6.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-6ff1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28657,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28351), with no line terminators","md5":"73559e2133318357d43cf1277cc084d6","sha1":"41d3bf4a6d48de907e01ce0234f6e5134329a093","sha256":"50d520dee97478d380eb4a73471c2cf2ba7d62b4a67beaf7382fd4c4878a269a","sha512":"9afdb307f5d89ceac4bb9003aa6f7c4ac45b9aa198729ef15a9b88242b71a0c4a3eed238cd98e9d853d9684b15da4ccf84df9ccb36cf39399f5f382523a4120c","ssdeep":"384:Na0KaUGUJUEUIPE8Zpl4bIqP5hknUaVZLkh:Na5daPopl+iUa0","tlshash":"2bd2b619b8c7f56bdc6aa021402f2935e1352ed5a125f081f734cea0a5b9c743b2dfad","first_seen":"2025-01-10T12:51:25.927339Z","last_seen":"2026-01-18T21:42:14.339254Z","times_seen":129,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-0fb71da5.1845208a.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.949Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-0fb71da5.1845208a.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-96\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"a16f794c0a145c1c80935768a6f89215","sha1":"8c5ecd9726e91413da6bf4a64a03ebad9e3ad63e","sha256":"451137aea91e2bbb7fc78da84808579fd41a97b0235ce2147c1409f7af14021e","sha512":"c2453e6b3009889ee2e0cc97465e1b7af76ab73ff4be50e87bba6a8e1d03ec515fd62647a8eb1a5012dedf1896ba036d703ff261bdad4a75e505ee904b9f344e","ssdeep":"","tlshash":"a9c02b64740852654133c082c4d00c831019620fa62b93f78e01dcb88fcb188769b864","first_seen":"2025-01-10T12:51:25.854624Z","last_seen":"2026-01-18T21:42:14.280085Z","times_seen":131,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-189a2af1.2e2a949a.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.954Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-189a2af1.2e2a949a.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-af2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2802,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2802), with no line terminators","md5":"966516d12c4531cb81cf6ed4b46ab92d","sha1":"b8ed7747738ba4f4d5826a71013a5193efcb474c","sha256":"972fb6c2f201749077d73381916e96c62b0271d542500f660aebbe9d6aa3267a","sha512":"15bd68e669e7d30dde5e6cd28a725ab79fbd48dd1fe8f335981bc28d71b72c7c9261a67179bdf6dac513fec536965303ce5a244cc3f0da34fb55f2ab95ad7dcb","ssdeep":"","tlshash":"aa51133f6714771ba027e85447d80faa0218e227f11326ed1d1b9a25cbd7ba60f6d48a","first_seen":"2025-01-10T12:51:25.857427Z","last_seen":"2026-06-07T01:38:16.104466Z","times_seen":596,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-1f95804d.2dca234c.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.959Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-1f95804d.2dca234c.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-8b9\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2233,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2233), with no line terminators","md5":"ac99ddf2ce101c2c7a635e984f458ca2","sha1":"8c8b48207bec3bdfc96e782a13fef81bf270022d","sha256":"ef2504ed4aa5d021524832a4351b4d5cd9bdfacb6d5532e985177f890ce4107c","sha512":"ebf3f7233cf178b3d323c088c9502affbe32fa97e191f301dab7b83cb76c21229d2b351f92442321440d73d87f6e0e7001018bfd8c1352dc66a665771dfee449","ssdeep":"","tlshash":"f1417493b8851145f4279e3093ce4e685239c777992206df334634da8bc3aeb37a671b","first_seen":"2024-11-21T12:34:27.304932Z","last_seen":"2026-06-07T01:38:16.163831Z","times_seen":553,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":163,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-26742610.16a6d1ec.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.166Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-26742610.16a6d1ec.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1757\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5975,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5975), with no line terminators","md5":"b7034b9c5a91155c1218d1b43b7ccfff","sha1":"55c71b9cd7810ac2a6f74b535a29e41e3dccd5a5","sha256":"c9cb7b24272f1e78ebcbad236be97ed9c9f54c8285f32ca529ca66bb352cf23a","sha512":"6cf52e140285ea268b55b9475207c4cb741045166a7b7c98e79f1c040177a766368c9536da26abbdab59aeb53cc4a484e4260eb786bfb5700302e563b22daa64","ssdeep":"96:DDXXWaHjrWxvl3EbWZYOcXUHA43dLi/+kS:DDXXnHjrQvlUbANf","tlshash":"3dc1423378656608d02beb343ae41acc63a8f103f55313dd44026a25cfcb5d7357b6aa","first_seen":"2025-01-10T12:51:25.863375Z","last_seen":"2026-01-18T21:42:14.203885Z","times_seen":131,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":125,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134202-7qvd5-lgx7hvc1vlsz5b","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134202-7qvd5-lgx7hvc1vlsz5b HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 44091\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"69d56e3ff4f1af0d5c7694fe4b9310fa\"\r\nx-mms-request-id: 9aa5813fe2a945f9b6421ef7988d9cec-68c5051e\r\nx-ser: i2315825_c11460, i1935869_c22759\r\nx-cache: HIT from i1935869_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44091,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 648x566, components 3","md5":"69d56e3ff4f1af0d5c7694fe4b9310fa","sha1":"83c63eaac24561ed04584804fc9eb6698d047687","sha256":"59de374e2365daa9bee59aefeb864c4433ab89eb47bc9848a96f2cabf0eec39a","sha512":"43d87912d2986d65009f585c65c5542221c47b8bd99c739b697ea35ac7efb486d2c84c8f0984931ce0dd2f6edf76d87f90f53652561fbca61acc876f0988217a","ssdeep":"768:VhUkl09N5tmkwNCwl7rKtOJLCIO+4y2bC0uG4D3xnG13SFy8+K6KCLlnr:VhUkmL56NCwRsIOhyO4LD3c1T8+XKCLJ","tlshash":"9413be13dd549e83e655dbbdbf2a0c780b4e6308e547bbfa45710ecbbb001265d8b528","first_seen":"2026-01-07T00:51:01.301212Z","last_seen":"2026-01-07T00:51:01.301212Z","times_seen":1,"resource_available":false,"data":null}},"time_used":719,"timings":{"blocked":610,"dns":0,"connect":0,"send":0,"wait":105,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-63cdb844.0f451271.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.740Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-63cdb844.0f451271.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-54f3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21747,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21605), with no line terminators","md5":"43222c8ff47800ae285cc8afd6bf4b80","sha1":"11b7e098207d9bbc4b18722e59f53d3f9c98b2a4","sha256":"328b98d25a214dfa96e4e6a7e428bdd80e807df672c53da58f90d03080251f0b","sha512":"3b38c097707ce2c29426102eab0dc03641141f301e678d20a86688c333c2a6731f0b666f532e416b8459a3d536ac59de8a4ceecf707daa475c11495895c44e7b","ssdeep":"384:8cRo+QngYWuRIIuMehkA8MLjjBLLF8BWglxiTmMebqiSMMDM1j0LIFE:331UZkb","tlshash":"b6a2c8cce98aec270ed3b2be342f20d5a21b906e7805145ff3b0d9de255fa516821776","first_seen":"2025-01-10T12:51:25.92124Z","last_seen":"2026-01-18T21:42:14.208783Z","times_seen":128,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-01907c11.704371d8.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.750Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-01907c11.704371d8.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-ed1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3793,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3793), with no line terminators","md5":"d3979b2dddbf8980945fbd13a6554ec2","sha1":"714b4b5e637b7285ee7a4d8f363daefa18d934b5","sha256":"ab340e563778f6ee3e55945b1cd40b295d6e306bdb16901a4028c31496e06e39","sha512":"d20b436ff82b79ca7fb3a41c73b0448a18ecf5c85bd459990932027a4fb6173e18d419cee01e5d54cdbcaa3a358edc8a01d3110c5bc0f93a1d26b07c6255e88f","ssdeep":"","tlshash":"73710227f3c91651e4a6c190b7e04dddc23ae91233118abbdb832d3d5f9b3132566867","first_seen":"2025-01-10T12:51:25.851081Z","last_seen":"2026-01-18T21:42:14.155054Z","times_seen":131,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7qvd6-ljwgxodfvluz3b","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7qvd6-ljwgxodfvluz3b HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 804255\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"9e4136eca6d7306184e92a8747ec8eae\"\r\nx-mms-request-id: 4046625c2da0495698f3c8e1a3f9dc86-68cc0f46\r\nx-ser: i2315741_c11460, i1935921_c22759\r\nx-cache: HIT from i1935921_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":804255,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"9e4136eca6d7306184e92a8747ec8eae","sha1":"8772012896d6d40562831e1790a8c8896587a726","sha256":"fec3510ad81d12cdb2fd40ef09dd91411feff265ef36701e37969079a8243440","sha512":"f12d6f0c59c5e7c19ab9c7a045faa83aafbf2ec98f74a14454198a4b4ceb705f7bb159b89ae7c05280b5109c1281d0e2e64893c42d9aebdb09de21d1e36b9562","ssdeep":"24576:XpVHn6riOYASlPh3d9kBDDFAzkUwMTZaOE695:X3Hn6DY3Rd92DUkMTs3695","tlshash":"a205234ffaa1cd42d82bb5124f06d3372f75f9fb28005f352358a534b61692af866253","first_seen":"2026-01-07T00:51:01.30394Z","last_seen":"2026-01-07T00:51:01.30394Z","times_seen":1,"resource_available":false,"data":null}},"time_used":844,"timings":{"blocked":613,"dns":0,"connect":0,"send":0,"wait":77,"receive":154,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-74d1c393.217d77e2.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.747Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-74d1c393.217d77e2.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-6a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"bff42bacd79f07fce7ce3f63cd11e1df","sha1":"709f2f4f8984cd122f4b23db3422913ab869b1db","sha256":"947aa535d6bac3e5cc1a59fb1aeeef43edb1735ff58581096ff111744e2c5811","sha512":"cb348fcd81a8576ca4b833d7437eabb4c8d38dbe2313203e2e19b727c33b87af5a12140e9848528188d08c29ddec0ac441b913d6a3e26086dfb77d54b8032e2f","ssdeep":"","tlshash":"bbb092ad2018b41614bf9684121733e50d4a12092fb229a89b6800a06a2598b452168a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.183592Z","times_seen":803,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/api/translation/list","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.771Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/translation/list HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":393,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"58b9dcda65416e86d6127ec925acb3cf","sha1":"ec490693d6856fbcf0358f57db94d7dad6fe89e2","sha256":"f0ccaef475d6ccd03875475914cec7efa0be8df1a40f9c3e681b87244ac35310","sha512":"3ff1da6625134d9c10bf75c9d1cc7739e03a8ebbba01316bdbeccec626103d28ec6cd5363bf87b3d2982dcba7923ddb64eba2e5e75aa96d656804e2d66d4881e","ssdeep":"","tlshash":"57e02b30854cbcebf94284c28e0ef21224ec4531ab093a1ce5c8173511deb2682c4853","first_seen":"2025-06-28T06:26:51.110564Z","last_seen":"2026-06-04T10:55:59.601326Z","times_seen":294,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":154,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-2f854f93.59a5b0d0.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.167Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-2f854f93.59a5b0d0.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-94\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":148,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"91335324eaa697b13a8476e9ca26b46f","sha1":"58ab7b787cf8b7905a4860b093ba05d49538a07e","sha256":"11fce1fa144053c50cbffca168b6a326485b431a7d0a0b58f83d916cd6b16a4a","sha512":"ccbbd2a33feee9e770ad17ebbd8b0f936479660a9e806a8da2d81b418c548dfdf5b6a2807844224972b1192d182965fe5d8dd75744de445b220cda6a047e33fe","ssdeep":"","tlshash":"b1c04c71142ca0bfc937c52800eee4cf1435b226d173d0c5488ed6a418ca600387836c","first_seen":"2024-09-10T16:42:49Z","last_seen":"2026-06-07T01:38:16.231375Z","times_seen":674,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":136,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/api/banner/bottom_nav/list","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.855Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/banner/bottom_nav/list HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/m/index\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1337,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cc7905e9638fec6f2a6027f39439654d","sha1":"8fb60610867609dbb40af3c322e935281afba019","sha256":"09fc111b2cec40b3862ca173f01aef296712b55811457302d0e397f8dedc91f5","sha512":"3ab9d531849b02197ce56a6e0a39dc4f6f7f310b49964f4e94cdf425bd31ea23c982c8f0df61ac90e8fecb89d9636b1ae3b060b9df59c74e6c97f128bb666481","ssdeep":"","tlshash":"6c214b128698fc794dc0d18215afb886c449322fc1e5a121b5d6eddd46c89eb370f9cf","first_seen":"2025-12-18T19:47:47.714236Z","last_seen":"2026-01-14T15:15:59.591801Z","times_seen":77,"resource_available":false,"data":null}},"time_used":450,"timings":{"blocked":270,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-62a9efce.a1c2f75c.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.866Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-62a9efce.a1c2f75c.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-d73\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3443,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3443), with no line terminators","md5":"a3c7f40f0c8b465b29b017b388f3b3df","sha1":"c9bae219f9bfad67f0d5e60a87dad18b81c08bdc","sha256":"b1c75d71125796bf67ed3f98227622683636475f7be80b9f026167f5164b69f3","sha512":"b326254ef841679e279b10abad0726f379147b7387816a1bde714e579081e333ae00de1b2d3eac0470c5f51944ade77aa8fc9fbbf3ce8eb209daaab83b643716","ssdeep":"","tlshash":"9761be323a597209e46bf560f6a01acc53f8b613d20302db45076b218ecb5a238f9b69","first_seen":"2025-01-10T12:51:25.87288Z","last_seen":"2026-06-07T01:38:16.170318Z","times_seen":551,"resource_available":false,"data":null}},"time_used":674,"timings":{"blocked":491,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-dd580cf8.3b8d239b.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.945Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-dd580cf8.3b8d239b.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-181\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":385,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (385), with no line terminators","md5":"da304e91f724c981b86055b5b892242b","sha1":"09113eb4172667d4e4b89785a76899e15a16706d","sha256":"2f621728e4a02dcb2938d8d5e36bd42b2d74ff924d44bafeb4dacce343ecbc6a","sha512":"04c4ffa9390f2d410b78681160fb8a623308f0a8b2afd6688bcdaa499ee9aec0aaf19d4b952b951acb2372276faf9675dda8dd12bf7fa866d5984aa836dbb632","ssdeep":"","tlshash":"6ee092c4f4986255b137d28f56e5e7d93c45b667e4060b24fe5ae8398c036b6302274a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.158112Z","times_seen":835,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-1ae0d026.75ccbb1c.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.727Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-1ae0d026.75ccbb1c.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-b82\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2946,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2938), with no line terminators","md5":"1cdb27ecc836ba8a76674653178fa40d","sha1":"4f58ff0c140cffa78fbfcd3b191339d134f10544","sha256":"52aae7c29ebf7d6a2242adf285ae523ed6e1546e480daf21c9ef4643db76bd26","sha512":"ca9b922d96db8ff08a22cdf42489804bb87adfe3745874fb96dee2b82e42aee18a86c63094b833a528e0194829ed01ce955ac4b412a6ed5422fad96c255bc089","ssdeep":"","tlshash":"5e51836d3587f06bce726062810f28b892b62d88710d74d2fb7cd98871a94d05b39abd","first_seen":"2024-09-29T13:50:38Z","last_seen":"2026-06-07T01:38:16.234661Z","times_seen":592,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-ea10d27c.d2a9ac0a.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.342Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-ea10d27c.d2a9ac0a.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-2a6f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10863,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10785), with no line terminators","md5":"5582c866f958f4fac17ccfab44b6bf65","sha1":"941554a136521be2ea345957cd8ae31b6610df2f","sha256":"3d66d606b04a9129f9857949ade52a6022553fc4d9aee0716a045e7fef687462","sha512":"d1f44c754834544b6e6c8923edda1a17125c191906d03e28e2ea0520765d469ca93bcb65c4d663ee004adaed76df2eb7904ab2822155c8665485f0e36e4c1734","ssdeep":"192:RwjcV8+s+lp0WyLAhU50QN5+npu1JZwRL2JxAvuZy/0vnA1z+Wf3+jMMq+rUBd+D:icNs+QWglxuRITmMeXkQLMNjsLxF6","tlshash":"c222e9cce68aec270fe3b2aa343f30d5a21b806d7815145bf3b0daed259f9415921776","first_seen":"2025-01-10T12:51:25.843103Z","last_seen":"2026-01-23T14:09:19.527507Z","times_seen":179,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-ffc2961e.aa987874.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.527Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-ffc2961e.aa987874.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-29de\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10718,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10654), with no line terminators","md5":"881474b27e9e004327f03f6ef6698400","sha1":"8756e7d95bd51485c00488a4437493fdc20c58e2","sha256":"08c6496487409059e483e74dbadc14d9e467756921397eeea737289ee6b9b616","sha512":"8a574705d5a67569009decca3f7b93d50753709aab532f8dc0897c6603e4ca5b1328014679f30cb93be46560899758a69ba900ef92271f8082bba404dc99e6f7","ssdeep":"192:nwKcJl8B+lp0WyLAhU50QN5+npu1QwRL2JxAvuZy/0vnA1z+Wf3+jMMq+rUBd+uu:9cY+QWglxRITmMeXzfMNjsLxF8","tlshash":"5d22d9cce589ec270ee3b2aa343f30d5a20b802d7815145ff3b0daed259f9515922776","first_seen":"2025-01-18T12:14:07.095297Z","last_seen":"2026-06-07T01:38:16.112302Z","times_seen":532,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.280Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:12 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-3b4ee\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242926,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0005accf931955eec5ed86f897e0d360","sha1":"7ae89839cacb8637600a3b0067fe8611edae2f65","sha256":"277dccf22d817aecf00496f547b3704907d454570f579e5f9d147435de498557","sha512":"121b37b857ea680cc979ad6337a0ecd55bf08cd25db73f7252609c7eee616b62d68da9a906d1d7b692c28901db52af573ca473ea0ee321381a453c1dd46b7c10","ssdeep":"3072:AJW0UArN86OfTq6asxZSfXl3ydsO/NPaa:Dq6Loe","tlshash":"a23477a1a706114b743ac997bdc2e7454a18bee3d0224aedf11758d4f7cdaa42cb3f09","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.103862Z","times_seen":853,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":180,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-5fa5b614.e7717dbc.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.864Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-5fa5b614.e7717dbc.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-2f5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":757,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (757), with no line terminators","md5":"93e58eed6ab7acd54df2aff829074120","sha1":"8bfe3d71f6c4196a471ba90e3f5b6f604257dd1c","sha256":"8ec02c9c38bb7c1f042f663475134e4d0cbc8b627c6243e910b3b82813ec10dd","sha512":"db030b691bf70c92493038f754f1fada1ae8f65af1c71a7c975ab33bc55b023c65ca27273b49a4900f2cda2089a66bad2b1bf5921e8ac6580c860a28aa51623a","ssdeep":"","tlshash":"a5019ca87a8ca1373d3bcffd34514ad022636b1261845ba57c68b470cd4b4a621e1b6a","first_seen":"2025-01-10T12:51:25.872082Z","last_seen":"2026-01-18T21:42:14.155748Z","times_seen":138,"resource_available":false,"data":null}},"time_used":637,"timings":{"blocked":456,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7qvcp-lhd8r9rdldru52","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7qvcp-lhd8r9rdldru52 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 159799\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"43c7d0932d9657d9b0fa5a737e2aa980\"\r\nx-mms-request-id: f3f3d21cd39f472aa1116ac08cb9b4fc-68b3cc6f\r\nx-ser: i2315739_c11460, i1935889_c22759\r\nx-cache: HIT from i1935889_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":159799,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1024x1024, components 3","md5":"43c7d0932d9657d9b0fa5a737e2aa980","sha1":"1a3a8ca7735649ec5bd27f014895f4adefd8eeba","sha256":"13b56262586cfe887bbbb2f6079560e6049b2959ab0183d69dcd5b8ba7f97de5","sha512":"8614567bddfaffca36d3107bb49310677585c30da2d69e5028371d7a4f1c3b4dec764342bde3dc201b9e7d869d2360efd453166bb35037960304fc666cd56e63","ssdeep":"3072:2XthCaB7v5dwjWZjRaDGulWRRmmqxeFbHqBCl9JJseadWzUK6+aND:2d8SvPwjWZj8YRmmq4b59JJZad46+at","tlshash":"bdf3df53dc4a8b83d61cd3b8bf035d686b2e529cfa9176ed11320dcb7e892215d1a07d","first_seen":"2025-12-29T13:35:13.239015Z","last_seen":"2026-02-04T17:55:16.230139Z","times_seen":3,"resource_available":false,"data":null}},"time_used":803,"timings":{"blocked":573,"dns":0,"connect":0,"send":0,"wait":122,"receive":108,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-250cd2dc.d98ada1f.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.731Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-250cd2dc.d98ada1f.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-3a0c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14860,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14654), with no line terminators","md5":"4724bcd21055c96f1e1a25b9386c256b","sha1":"24fc973af86900a162067f41cd2661776ca02714","sha256":"1ea37a8dc1be62800d18f16269869838e61eeda63fd25cd470253a179febd668","sha512":"1eceb7bad8ca3b5570018efbb075ac3707f8bf8fec8b8f862a07c8c7f16c7e175b1f9e03108b785045c951682a7bc1922d81b79315f5a330a0fef39509826972","ssdeep":"192:SnqbyX6fWRP/zWqs3fbPjIFa3jDZ+ZvlJbJQl5jdoc6cjL:SnqxbpQZ9JbJQB5","tlshash":"71629718b1c3f6ab496aa021452f3524e1327dc96416e546ff30c9c47a29d78372ef7e","first_seen":"2025-01-10T12:51:25.906128Z","last_seen":"2026-06-07T01:38:16.204047Z","times_seen":533,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-ea349f08.a49fa54a.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.497Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-ea349f08.a49fa54a.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-87a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2170,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2128), with no line terminators","md5":"69719cda5f48df75402dbb854d393961","sha1":"88dafda9b3e29fdd65ad515d43f05237de75150b","sha256":"a11f76bfd4fb7e4110a084ea19ea48bfafe80b262a06420953ebd96c413a5bf9","sha512":"0fafc6084405875c2e200208814e589a35a745c4d4e068d21995dd2718ab151f267f782341e9e995598ceb98d61f5657d17b334226ba0011ed80a36ee3d84f12","ssdeep":"","tlshash":"3941434cb093e0a989afe023651f2739b1f27fc5d001d451aaf5cac02a54d74332eb6a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.116113Z","times_seen":807,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-ebba634e.da4d53e5.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.514Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-ebba634e.da4d53e5.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-717\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1815,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1815), with no line terminators","md5":"5740f904c8262dc6212f3829d30d1baf","sha1":"ce66dfd5774e04ce19c15b61fd8a062b7be2e27a","sha256":"b5ab173e2a2b74cb72eed68c93b32ac85d30481083f88822e28b7322cea06124","sha512":"d3bcd5ee93e8a56428411a059377aa749f05f4ea121ca49331e4a48b2bc2fba6f7829f219634d4e0364b4d08869348f00e8401bad01fea776fd19a28317226b7","ssdeep":"","tlshash":"9431628bb581d7eccd7aa009112b1662f0355bac243050d056bdcf906534ee96b2fdef","first_seen":"2024-03-05T16:56:18Z","last_seen":"2026-06-07T01:38:16.175158Z","times_seen":725,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/sockjs-client/1.3.0/sockjs.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 16651\r\ncf-ray: 9b9f75aade5a5694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03fd5-f54d\"\r\nlast-modified: Mon, 04 May 2020 16:16:21 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 8153814\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=OKhab8QswdgK2ArFlctFh9wO0L%2FArhh0%2BT2kS0mPiX1rrPFrrVKnXdH%2FmcKhzgIhE2sFxakj7V%2BmXuLX5H6p%2FlKWTLcXxddfE%2FALZmm1pqRl4pRjkOW4%2Br92Rk7fmGmRdGP24Ur6\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":62797,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (62696)","md5":"f0a01fa31e644ca44836356a172ba7c9","sha1":"e81438a79e8a7f34423168c70696cff2a820dbf1","sha256":"840ea076b43dbf564a909bb082dc287740a96f3c4483fcc024f7176306daecc7","sha512":"a18f9c600996f8f31c046e80334cc794efff550c2286bc822ba7bbc197d99e4ce5f032133866b18cb9743a717b76e578cdb2a9fb5f6ebe42614d08ea1ea2e47c","ssdeep":"1536:XFWQV1ZGORGWiB67hAHLY/IyYT3uu+OLFckh:XFW8tG967hAHM/IyYT/Law","tlshash":"5853e8c5f46134a213e7a2b582bf11032376953a640c85b4b798dcf98d7d98c532bf7a","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.117219Z","times_seen":1156,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-210173e0.537894f3.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.162Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-210173e0.537894f3.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-157\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":343,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (343), with no line terminators","md5":"643a797580011f455a862f50acd92063","sha1":"461f0575f4d431d9dbc27709700cfa1d70e919b6","sha256":"0566ae96aaaeed7044a777f84e0d99bcf9e1e15b991615e46d88c8b146eeb72e","sha512":"04a2e5cdc39d2f2840ce565bc4210c825b98b8dbc4ff9226dd68388d8f878aff66c65d81281a7303c966e451b90bbeac24c3a190c8a6efffc80bfa165514782f","ssdeep":"","tlshash":"48e086007b4c195db867f36485b095852e3873178142575a7decc7e09d47189743b9c5","first_seen":"2025-01-10T12:51:25.860033Z","last_seen":"2026-06-07T01:38:16.142091Z","times_seen":596,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-9c1c641c.c03e3305.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.736Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-9c1c641c.c03e3305.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-11bd8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72664,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"080534fb961d2addb8f5659bb6536539","sha1":"9e638630b9a766249daf5cf2094256fc9799c3bb","sha256":"1b83291aebfdf0cdf5d45c3f568acdd31797311b1ba207d3b72a99373981464c","sha512":"ec88de372468c4b5777e3e137e26b64b0c868141f59855f99f0fd377ecfff4ab0efe8e9330c776b9c99c7b55315061588f3f1b814dfed1e44b200857dce3693f","ssdeep":"1536:G81LeLxbOjU6prVTG1Bo35sCe0MXePDsHme:G81LJU6prVTG1Bo35sCe0MXePDsHme","tlshash":"2e638472f991261d71178664a19576e85b3bf012c2421ff9f02a7b358fe72c6372238b","first_seen":"2025-01-10T12:51:25.845055Z","last_seen":"2026-01-18T21:42:14.182845Z","times_seen":131,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":182,"receive":177,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-9fd116e2.be26ba7f.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.751Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-9fd116e2.be26ba7f.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-14d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":333,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (333), with no line terminators","md5":"ad2d88123d51a4b6e8e3495e9ebece3d","sha1":"d16ec779eefb27ab84d6b438d233184a3e31d559","sha256":"0835e15c3a5c71c15aec5f475c0d5f02d5044d78cc4739a345343b69543d7a38","sha512":"cc6160d1a07c4324bb4b08f9a6f23197d8d3d5fb944895d05fee0ec18b91efaeee9a432b510bdeee58fda5a913dbead577af67e6224b37cfe449c35f01be8c18","ssdeep":"","tlshash":"01e02c697aec5c313c36e918214a08ab23046b23a3e0aa50ae607022cd4b1a7210a38a","first_seen":"2025-01-10T12:51:25.880805Z","last_seen":"2026-06-07T01:38:16.162292Z","times_seen":551,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-37bdd3b6.79cd3a35.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.319Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-37bdd3b6.79cd3a35.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-7a3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1955,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1955), with no line terminators","md5":"7b9c54390fb3760f7b24fb6ff534a1f2","sha1":"8bc648894b0a00e669faefff31e5567ebaa7484b","sha256":"2782db1d2b5d5dc87af62ede8da2b2f4a3bd5d95f974fa54a32c893a504fa85e","sha512":"6bec6bc0a77a46bf36b3f40b7359e9648344e1bc8ba845da4bded6e5ebd1343f139ead57cb0391c859ba936239da82c7fc8cdd36c9419f84b4832b46ef3308e2","ssdeep":"","tlshash":"e241303c7292fdf849e6b190143f7201d12627086435e882fbe0cac19aa199f52a9f37","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-06-07T01:38:16.152811Z","times_seen":655,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-e8d5acac.dd7d702a.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.329Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-e8d5acac.dd7d702a.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-f82\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3970,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3960), with no line terminators","md5":"9a493e13d192a52543e6af27c5842065","sha1":"ed9bbe77069ca7fffa0013536561505fbde0658e","sha256":"542fb2826e1f57a6fa9b9d7986213b1f7c6f94e6395d7f837891eeaf20da7c18","sha512":"0badf1ac40daa94312b71b8e78a7e5c827cadd1a2f59428a2ec1e6ab5a23a16364f78b18dbc2a2db5b6d29c71fe4bb5b27d50ae5f93c9cd6140e7d95d3b9574d","ssdeep":"","tlshash":"ee81562c72c3f4b84da6b161042f3265e53a3b869425ac45fe60c5c06aa5d1e136afbe","first_seen":"2025-01-18T12:14:07.079097Z","last_seen":"2026-01-23T14:09:19.546943Z","times_seen":177,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-07f01604.ae4a2d4b.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.760Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-07f01604.ae4a2d4b.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-32\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"3bd570c6967ae39b5fcfa9cebedae3e9","sha1":"b7ac2cb7559f4ea4435cb998a3d269631b3438c3","sha256":"ac0ca1996105308274f8785c20413f7713649699265206279f286f7cf77e0784","sha512":"65b1d8a6f928103c1fbd797224a8483dc595b281ac9965f5f325854768403e9aa4b5aa8f32cf5e6439fe683ea6fcab1e8d9e9053ab75894f4e33781265daf45a","ssdeep":"","tlshash":"66900225652eb006917667163895051e4589911575528582920984975ca1183a150648","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.124725Z","times_seen":836,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/api/common/dict/allMap","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.153Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /api/common/dict/allMap HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: http://og6y7c.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14637,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"937f242c7e4b4619f8fede6d6b40bf18","sha1":"884be457dac9e2b8d863036a1789c73a6dadddae","sha256":"cc985354b38714d119dd0c2afaec52dce549f6878e89ce45d90437a70ff866bf","sha512":"d281ce612f91769a7b3d8ac6b73897e531ef235441016748a22ee459e3fced16696a3ff7a643e784ce386bd857294e5a8879b914bea9be4ea101fdee0881db9a","ssdeep":"384:Kw6FI/gct3PRoywMyrQROtMEj9gnhxqlQQJq2VqYo/3/jC0SxyDf9zO07Ae:KS4zAKVqx/97b","tlshash":"0862508cf70779b9dd0fec1491a8688e607d3f771e89c2199a41f54532b1081ea2bf2b","first_seen":"2025-12-29T13:28:16.181256Z","last_seen":"2026-01-12T01:14:46.05603Z","times_seen":61,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-5915ee8d.4006cc4e.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.862Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-5915ee8d.4006cc4e.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1292\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4754,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4754), with no line terminators","md5":"f2cf758791111fd2d848603463e99178","sha1":"6efa309eee6c7aebb25f7eb378ebb367680cea9f","sha256":"be18a5cd6c8dd5547446a18363472d5ee56a0d2008b3d187fda6f866ed32facc","sha512":"33df9c558a43f266d0231279d5d2c940a857326b2e9e6de968d1b17983e6a784938bc4de991b04007f737e16b67f475a7c1fbab4e82228b22ec105c37d238cb3","ssdeep":"96:92hnM63MqkM6uoSYbc+7fb3bDb9UKUea6:yM63MqkM65bc+7fb3bDblUea6","tlshash":"eea159db78d68112d277ea5216ccd51adf336be73ba10cea71d8284dd706a80631f0a7","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.110616Z","times_seen":1107,"resource_available":false,"data":null}},"time_used":621,"timings":{"blocked":443,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-23010-dpr363bze7lv02","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-23010-dpr363bze7lv02 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 317291\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"532e2ee5bc9752a63b93958ab4afe1f3\"\r\nx-mms-request-id: df13593631884e62ae3f85e788583b79-68c3d1f0\r\nx-ser: i2315825_c11460, i1935949_c22759\r\nx-cache: HIT from i1935949_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":317291,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"532e2ee5bc9752a63b93958ab4afe1f3","sha1":"9843eab92fd4d6c19360cac2fbd4e1d5afa3a587","sha256":"2505ad6489a68c91812fb0d049a6b421c4f41279af0fe10e7b6156dd65705d0e","sha512":"0fc22f65f0c2add8c97c9e1fae77dc994433945f3d56a00c6640602f4ef1bbe3bc2d1f105306bf4cf00b27df7c8d2b144888a308a1063ac7775cdfddc47c16f6","ssdeep":"6144:faRBNz+Cbvmcwt92/yzLNBlJDV2wiStbTrP1Z9cUDNL2zFaOz:ONz+Cbvmcwt9vzBBlJD4wiKvr5L8ac","tlshash":"93643413612708fcf75ce66fa299fc8b70aa2313fda6537047576ad3a185a0c0e9d41e","first_seen":"2024-08-19T21:02:15.404249Z","last_seen":"2026-01-07T00:51:01.322509Z","times_seen":2,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":617,"dns":0,"connect":0,"send":0,"wait":74,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/vn-11134207-7qukw-lh6et7vvl0j7de","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/vn-11134207-7qukw-lh6et7vvl0j7de HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 366458\r\nserver: nginx\r\ncache-control: max-age=15552000\r\netag: \"dbef499579bcf6fd3414088ff8523509\"\r\nx-mms-request-id: 39f17ecd0b5b4cef875d77edb6f82183-68e55f30\r\nhandle-by: down-src-global.img.susercontent.com\r\nx-spcdn-request-id: 0fa8974587a2f95e16137b32c7a4351c\r\nx-ser: i2315827_c11460, i1935949_c22759\r\nx-cache: HIT from i1935949_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":366458,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x900, components 3","md5":"dbef499579bcf6fd3414088ff8523509","sha1":"b4830194060e9f209782faa8ef915a62fc15b75c","sha256":"986423186ea18eb70e3d13b9fc1ffb17019c8e25527f078b5f85fece85e3e952","sha512":"99804aebcd8aa79362f80e5e38f051b6297fc143622765e83f66fc492bec58f7909ced4fdb0a87a8d465d60bb3893f27edc6194856252d21890059ecab95f603","ssdeep":"6144:koenn3pdnFecG1Xp2jM/W7oo608WSxIgH51jeCwVgiWUatZahQkOy208InLBc:koennccj0S6WV651WrqcQk99nq","tlshash":"d47412da8e7f4ce1dae285accef7feac3d2598078b6437575e448138e41d923974002a","first_seen":"2025-11-18T01:25:36.522874Z","last_seen":"2026-04-10T01:24:34.734557Z","times_seen":3,"resource_available":false,"data":null}},"time_used":849,"timings":{"blocked":593,"dns":0,"connect":0,"send":0,"wait":125,"receive":131,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2d0c4262.a4d18f35.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.931Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0c4262.a4d18f35.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-2703\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9987,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9867), with no line terminators","md5":"730bf2c8c0534fa69c3ad586b798dd05","sha1":"0ad4aaafa9bcff708743abfe8a8befd1f510db7b","sha256":"3078924dcb57f6bd87c237097462d69fe25dd9e1f45e8295488a5e228effe49c","sha512":"b9f6c3e38425b463a2dfba7dae406089ac9092b99fd7f4ce0553e685974b87e4e79f0c108389a2cda65efde7d1c4e3fc435f30d17d5546fc90a112dbfdc4cc64","ssdeep":"96:qRHRYcfNk6il9Gj5vTrykl1zDYc7NkLil9PYykYS8yG:qRHhNkk5LDzPNk5m","tlshash":"1c220e24f4cbd2a9ac7e8002516d3531e1257bf6d426e043b37c8e8847e9eb4271d7ad","first_seen":"2025-01-10T12:51:25.907065Z","last_seen":"2026-01-18T21:42:14.158632Z","times_seen":138,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-62a9efce.758061e9.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.531Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-62a9efce.758061e9.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-2043\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8259,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8133), with no line terminators","md5":"ad32ff19be2eddffd24c1b5177e1a5fd","sha1":"d095f2b2a1c5cfd4234b5306b91930a37a6f6db2","sha256":"8967594add188a7f22cc1247c43d0aa55c52cf8bfcc6daeabade9944a0d08dff","sha512":"455eb2ddffc00032763050b818e4e0940d130a4deae0afd471556e2ea1caf7c535e5f2f1c705ca1ba1393a6483ebf176381ff429aecd0bcaef0cf0972e9fbf06","ssdeep":"96:cLxAC1Gxn2V7LMQKEKbzlhWK+Vm4KeXrOrxs6m6vYb03kp4/c/KsE/Ki/KsaNKss:kXHvAdbzlhfezOrx/ZK6","tlshash":"8a02644ab587e2afcc2e9112802e2531d175bfd9e415e441fb34cc9066a8cb4377dfa9","first_seen":"2025-01-10T12:51:25.920497Z","last_seen":"2026-06-07T01:38:16.224265Z","times_seen":532,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/api/websocket/server/info?t=1767747013569","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.572Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/websocket/server/info?t=1767747013569 HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nCache-Control: no-store, no-cache, must-revalidate, max-age=0\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f99961b9d22d35555a318ab5d4d4e85d","sha1":"ee4f93b75260670e850d3876e56d5903f73398f7","sha256":"e5683fe7289e23c2ebae6907aab25a9fa7a5ec0f3342fcb29857466a35007d97","sha512":"d451cb41f54f9ea6be093dddcd9e353b7423d3b4f12700bd77f2fbce35972572ab891c939c0737610d1bb236a525696f566c04610ac27f922499e9a0b974ed02","ssdeep":"","tlshash":"08a0245fc47c303c44cc3f0103005d13541c14f7010054f4711c755405d70111110347","first_seen":"2026-01-07T00:51:01.328261Z","last_seen":"2026-01-07T00:51:01.328261Z","times_seen":1,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-08d95777.f5012141.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.764Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-08d95777.f5012141.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-608\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1544), with no line terminators","md5":"3eb6ba970730292a23d44a5c7e0cbae4","sha1":"d96cda9dbebfa42b9429e1ca3d952161ccb24a75","sha256":"bde2e3fb26caaef078a6885fa66517d7dbda64ca44337fd2c98a209fd4495756","sha512":"e3217ed84fa5185169cf12a242021dee4b8308bb542cf26a814174c9ea941626f4378aa0c446229a6f533af89f0cc8201ceb9c1de7f5499c09e8b1c95ba67a29","ssdeep":"","tlshash":"6631e3335125a2087127dc952230a2e3d1ade216f43b1357580f353fcfc799205f328a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.220573Z","times_seen":837,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/api/common/dictEnumMapAll","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.537Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /api/common/dictEnumMapAll HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: http://og6y7c.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7882,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d587ceae0e178f70a3427b93d9c581d0","sha1":"e4dd172df2beac88ff113c990e74da846fdf4156","sha256":"0c468fef26497177a055e9432b1535d08bee8802c127451b5e48341381ffbc66","sha512":"5fdbe342f22d63b66d20b9cc89aa8981739bd46fe5f22ffa3caa3c52c8647645efa243648b1961ff2d0ab3a754249ba1362b52f6fc7a4ae1ffae08b69d9632e7","ssdeep":"192:e2Y1Ys18r262EQEZSuG5R1INERzDn32Af2:eC262EQEZSTb1xDnmAf2","tlshash":"a9f1d680b38c9db08c52d51155933c2979712adef21c8260a6f5fe4db08cb53b71bae6","first_seen":"2025-12-18T19:47:47.559342Z","last_seen":"2026-01-12T16:05:44.61129Z","times_seen":74,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/lib/flexible.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.284Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /lib/flexible.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:12 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-408\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1032,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"7524a2ba32138a0363ad48a78f4c7b9a","sha1":"aab46e82603b9de5b1880c0aaddc0d0f29dbf7a6","sha256":"d68ca73f7b227d0da6b310867a0a588530657bc433fce241b3b2aea1502c10c6","sha512":"77518eea3846fafd71ba1a086f06975e9ab22c2d1e55265795f62604d2411eec3a9a9ce50e6f5ce369fad4ad22e4346fb4547beae00e043fd7f48b5b21e9c252","ssdeep":"","tlshash":"081175315350b490a4f78e33320d955865304352cc378a60f320f198d5e203b27a2b8d","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.099717Z","times_seen":832,"resource_available":false,"data":null}},"time_used":533,"timings":{"blocked":168,"dns":1,"connect":175,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/axios/0.19.0-beta.1/axios.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 4213\r\ncf-ray: 9b9f75aafe685694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03d6a-3546\"\r\nlast-modified: Mon, 04 May 2020 16:06:02 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 3996802\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=sfLdGaiRBpR5efO8cp5qZAFuleJEnWSpKfA%2BP%2FAuB9zYqJjnJaeVXxAfXLVo9A3gyUT9PidguUP54nhY%2BiErjcA8vBV6KfCo7%2FbwZggJVhzCUiWEM5TCymqRjX8jiIJ0dukOipIL\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13638,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10313)","md5":"334149adf44476f28bfbf16c7b0382c2","sha1":"ad2ea246ebb53ed655ab50d44b33d4d6f942387d","sha256":"6d2c0a450a04b5d1492f77d7e512fe6af26e95c2feac596825f45e71b9ffa4d6","sha512":"0f9d66a68e400a2499cc1dbd79331892e9e62e278d8b4784e354b7a281c91fcc1401eedb0857ff6911d842ea853d39081b459fbdc0e30d927ee93b5ba1ecdbea","ssdeep":"384:hpI8XyWPbWeAExXqgxH7RqzGbcQdVzxbUm6HwT9eei:LbXdyGbcczx/6QT9e1","tlshash":"f25285ce7861b0a757e320f0805f4a0fb2b6552a754d84a0f660e9f66db542e8733f5c","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.11665Z","times_seen":1178,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":17,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/199ca2f28c964bc7b649649c94356373_.jpeg","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/199ca2f28c964bc7b649649c94356373_.jpeg HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 124612\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:27:04 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1Zzg2Oi1SY4V5BvKl%2FJi1XwPSLYOQh6%2BXh7bUzCrKQuxyo9dB9e1bFTK%2BxL7SSMviPxqoC2zLYwp%2F4oj57%2BrNJUKDvtjqNdMAUSKkve0uFOpD9qkQQ0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bcc85c56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":124612,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"c5a288201dbfd8e8be4f7963e6657e47","sha1":"298d49b15dceb528df7d3ce3d260e8763a72f097","sha256":"866ab4513b1e4de7d235118a57be6384ed45a2e809e090d3734a3a4d0c9bf98d","sha512":"895d14f8c1e6fc37b2c378b4dcddc2e533325312ebd79e5c76bbfb798f71db0b3f4c11dfd746d5a392cf985564c9e023557d9066e75f295503e3736515b18683","ssdeep":"3072:Ig073vCM94Y+o0gIG7+PBzduCBOGl5c0nUbU:8rGIIG7OBQCBj5c0nUbU","tlshash":"9fc3127ae613e9bc9fd07a39869b9d26d3f445177800c048f90620fbf50e3d960a9c9e","first_seen":"2025-12-18T19:47:47.645778Z","last_seen":"2026-04-22T09:54:52.10102Z","times_seen":224,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-c3857480.c815cebb.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.894Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-c3857480.c815cebb.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-42\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"128704d72e4cdc59955e5b1bfe03de99","sha1":"39e50b09860527a68e622d53d5d24a373dc0e3cb","sha256":"077189db04bcbefda0c542d814e0e86411f889ba1624cf7571cad575e818508a","sha512":"92ffb66ed596d673664549e5993b42da677179def572aa4531449deb785f6ea13ff631193f3b20b8638b40b6f83dbf465ae626b1bd737d316268e66c56bb39fe","ssdeep":"","tlshash":"3ea00259b5cc0228ba76e144328144d83464175655ad9693fc4a2039da16ee16818708","first_seen":"2025-01-10T12:51:25.882862Z","last_seen":"2026-01-18T21:42:14.152467Z","times_seen":138,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"og6y7c.top/","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T00:50:11.081Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T08:09:46.638045Z","times_seen":16208064,"resource_available":true,"data":null}},"time_used":726,"timings":{"blocked":0,"dns":357,"connect":178,"send":0,"wait":0,"receive":0,"ssl":189},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-07T00:50:12Z","timestamp":1767747012,"ip_dst":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"172.18.0.37","port":41132,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-07T00:50:12.173857+0000\",\"flow_id\":1112163221732688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.37\",\"src_port\":41132,\"dest_ip\":\"180.178.44.100\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"og6y7c.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1175},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1654,\"start\":\"2026-01-07T00:50:11.818512+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/static/theme3/tabbar/grab.png","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.748Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/theme3/tabbar/grab.png HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/css/chunk-9c1c641c.c03e3305.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 1197\r\nLast-Modified: Wed, 17 Dec 2025 16:43:50 GMT\r\nConnection: keep-alive\r\nETag: \"6942ddc6-4ad\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1197,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"246e24ac329fef35a8fdbde1df7ee698","sha1":"ca6f3a8bc0950f9e97595b7630023f5aa3628125","sha256":"2e091bdafbd770da842eed04a365d8c70ef44deef1abb5ec7ec759c811bfd297","sha512":"faddd28e0a9a6165f917e405d1b85dfe9f2f7ee48c78d60624e67d3c3d5d7099085aff7a69e64ce2a5db29850ae452d06f9fa8fe1329f1d53c2ad50bed77efd3","ssdeep":"","tlshash":"5c210aa25a0d4f23957209b49cf56a50b4b8c9946fd99ec00c873327df8b924297c493","first_seen":"2025-03-03T23:57:52.331763Z","last_seen":"2026-06-04T10:55:59.607701Z","times_seen":295,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":385,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-586d3a0a.ef1ebbe8.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.861Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-586d3a0a.ef1ebbe8.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-9a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"7925d7f93e05982a8617a67374c76414","sha1":"4de55424b1d06c5cee677118d9d489a5ef675ba7","sha256":"0de3c86520035a4f407d85b454986216c063b7d30db75ff9f35cefaf926b3f50","sha512":"add388a6077fcea2ef59820a8ddab0485f0a737ded616e096c15e78cbcf4e98740b51eb037b8435d24995023868d8592c924943f58e9d0a918b4e13224dcc49d","ssdeep":"","tlshash":"81c04c7466ac6128f17bf6e1de5b51c86b15bb67b120811b5b510230ddc3e7160d1438","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.200869Z","times_seen":842,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":441,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7qvfm-lg4sm934hkn427","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7qvfm-lg4sm934hkn427 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 129284\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"51e61f5080d42d2e06b2e708b5011a28\"\r\nx-mms-request-id: 761f4de3dcf4406083c0cd74452f5301-691c611e\r\nx-ser: i2315799_c11272, i1935945_c22759\r\nx-cache: HIT from i1935945_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":129284,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"51e61f5080d42d2e06b2e708b5011a28","sha1":"02724821a85b6a92b2e1618123496e57ce4e4ace","sha256":"34ed567294f60e4f24fc71b23b00b518864addb51b4fe54ae3232eb027fefee1","sha512":"6c97ffcb3d19d4cbe4787e39e88bd3c07d2e8e07d780c0394659b63188f39da1bdfbcfd81323db27ca6e30a546d066f827f6c60b0adeaaeedb0909193400e8a7","ssdeep":"3072:BRSKLLRLvEZ/oBW5LtYWb7uC4+p3jU8eAfoOz1woiv:BgKLdjEZ/o4XYKtjU8esr5Tiv","tlshash":"bac30226ed352879ce299733caa1db1b14923f2f53c9c920b2415d60bfd2b19ecc5978","first_seen":"2026-01-07T00:51:01.336972Z","last_seen":"2026-01-07T00:51:01.336972Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1395,"timings":{"blocked":628,"dns":110,"connect":35,"send":0,"wait":120,"receive":21,"ssl":471},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-22120-40i5b0tbutkvf4","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-22120-40i5b0tbutkvf4 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 204771\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"5581aae05ad26c4a3c6dbff6d93ea753\"\r\nx-mms-request-id: 5472d10ade624428bda6fec1eccfb398-68be48bf\r\nx-ser: i1911849_c11460, i1935945_c22759\r\nx-cache: HIT from i1911849_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":204771,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 750x750, components 3","md5":"5581aae05ad26c4a3c6dbff6d93ea753","sha1":"e60c716fd3c43ca6e96215ab6403f85052420655","sha256":"bac6b6196bd3585e60eee114a9f2dcca144785cdec7f237a81724a86f1dc26b2","sha512":"e4bb99fb81e9f928b52bc8f363e47ae894c151d5e0c49dfccfd037f56f149504ed5f123a3bc5acf85075a05e82c0961b1300b9a13823296b7726fa7b406e8aab","ssdeep":"6144:jLtr0RsQC/ZGsqBhUY+XowpVJJqkIpFlHasnOm9:v/ZGsEUY+9JqkIo29","tlshash":"aa14122e9405a69b2e3da8d60fdd0de1dc182e35b403cfda466ede63f64782b500a75c","first_seen":"2026-01-07T00:51:01.33903Z","last_seen":"2026-01-14T04:55:43.440521Z","times_seen":2,"resource_available":false,"data":null}},"time_used":968,"timings":{"blocked":604,"dns":0,"connect":0,"send":0,"wait":273,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-fb459430.bd9969bf.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.112Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-fb459430.bd9969bf.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1d6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":470,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (470), with no line terminators","md5":"70d16a216ef809a3099eb454f0301556","sha1":"bc079753a85ae41c1dea8010f4aa40ddd030f15b","sha256":"a7e8304da6921b1aadae0552aff571ad2dd3744e0941d37b2595bf3138279c6c","sha512":"132a6bfe81c5eb91c56c65ef153bf6435cef8edc6e95cbf3aa535f6b44569c8ee9e171755b6278be890dd20e81054c2525229a5c01f022c8c72d6218e7c77c54","ssdeep":"","tlshash":"d4f02093399e807e0477e6c5d0521d6543d4b73582425b836eaaba3098832873830b84","first_seen":"2025-01-10T12:51:25.887797Z","last_seen":"2026-06-07T01:38:16.228607Z","times_seen":548,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-082f7c94.8be48700.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.514Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-082f7c94.8be48700.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-95cd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38349,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37923), with no line terminators","md5":"848811af1ef0d2462b2d2b68b6fe2187","sha1":"67c9f1766dc68e90922e71bde19be5a4a5a97c65","sha256":"b31c98ee1d0fe2ae990f17ec861302677e25f443ec1ad18f914b1e3f83285055","sha512":"bb762d3b2ff857fe8dd1ab103c637f008400cabe3112c50047432554b7b63184c8ca4a11d09780faefac81df6e0fe15b2d2e32116eb67ae0ca17d0c665cec853","ssdeep":"384:C/2PAOQqtUnc7GL2YoxbonZXWFznML/ZevZt09uCcDnVfvg4iisTh:CYKqoAx711bHCcrVQ4Yt","tlshash":"d8037405b487e5af8c6aa061402f2635f1b53ed5d026e041f730cec599e9db4372ebad","first_seen":"2025-04-07T11:12:04.233531Z","last_seen":"2026-06-07T01:38:16.115544Z","times_seen":534,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-08d95777.bceda21f.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.516Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-08d95777.bceda21f.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-f42\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3906,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3850), with no line terminators","md5":"3894e895cf59daf5d1aac34d8d0c703b","sha1":"ab33614f3a9ab14d2adb2228a7fe289af9132b76","sha256":"5583f58f0735d4c6ed2ec37748287c7e80b3e9420e8f6594e6abed75f300303d","sha512":"0c57495ebeb1b6ebc5732e9fa7c0b9d9ffbc1588c226e38f262a4fc1df60cac352d971b8f66c7bb83044749c718e960a41b52842dec8f613c648fa997b56f696","ssdeep":"","tlshash":"0c81c8ad6187f29b8ea66152802f22e4e2ba7f84701c74d5f774e5c9717c490132a7b8","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-06-07T01:38:16.187721Z","times_seen":806,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-16aecf53.1bb56bc9.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.953Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-16aecf53.1bb56bc9.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1d6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":470,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (470), with no line terminators","md5":"ed46d6e43ce98d08e4a96ebcf28a83cc","sha1":"bfee6a0f6ff4504ad3a394df5e7e422e2716e604","sha256":"a4ee56923ccede7944a83392f80a9f882140b3567aa71839d1dc44e0e08e8be6","sha512":"06db1558433ab5c3c9550bcc7f04a0341e4d0c9005fff7d186ecb074c94572ad625cc24ef67f1b4e8e6e8b10e939cef0f462ea8c3e2256a716c043db7d61c224","ssdeep":"","tlshash":"90f0275b39ada07c8636e485f0c0195543f5772f83c935f1eea5aab21e820c63830b4d","first_seen":"2024-11-21T12:34:27.300015Z","last_seen":"2026-01-18T21:42:14.316728Z","times_seen":136,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-1ae0d026.b7b2afed.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.955Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-1ae0d026.b7b2afed.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1fe\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":510,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (510), with no line terminators","md5":"c92ecb7cfe406e6db3138f17bb8c156f","sha1":"3843aec44f19cb9f0e1e2faa9869f67764c3256b","sha256":"ee9b5957ed2f73d18209811c66d7ddb231089550f344c21a8be6878da3c514e4","sha512":"a56c4a0dd66be71f7ccbba8c8379c6133f1127b908dbf24f0bf3e1e2c0b432235a049b1e7b676df927915f44ed683694fa8f21cc4bc45f3110af4c7439394c74","ssdeep":"","tlshash":"94f09e26d0114508900bf9343ba0071691e4f02be69333ac0c5fe666cfdb4c70af9789","first_seen":"2024-09-29T13:50:37Z","last_seen":"2026-06-07T01:38:16.141404Z","times_seen":609,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/a65fc0e95c0b46fc88b28004851b9277_.jpeg","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/a65fc0e95c0b46fc88b28004851b9277_.jpeg HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 138876\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:27:25 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6wH8bOgoEKk8%2F0FN8jB6GXokDNDefkdqt6sC5CPsnWFNi7%2FPLjOeCYywzw%2B5xMQP%2FpyW%2F%2Fel4MlBoucCWOENnBtutWds%2Fp7dB6KNOMBpT3kyFA6IREk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bcd85e56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":138876,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"15c65e1d4c28bba8665a21e52645585d","sha1":"eea649c37bb727e6e54e3e59d9749c6c41659c82","sha256":"a22207110afd7ef4730113a9e9f57f87806fc995169bd49c1f9797f4822f0d8a","sha512":"31864c4f4d4ac1000cab8528ad9058d20b9c27e0befa4e726a57f5d830498d163960ab86f2694a3ae428add44ad1ef65ee70907273df739a74ea253ea404e513","ssdeep":"3072:sHkmFn2r6jFQcorSCkbMTagvWBcbDHbt7U+uWo24bmhAQ6AuZvSfRQv:sHkG2gBrCkopvWBcbDHZ7U+uWo24bmh2","tlshash":"e8d31236e17a0ce2ec1e0b71db95bea61053cb3005dc004ef9a4eda9b14b4e5ee18e5c","first_seen":"2025-12-18T19:47:47.633299Z","last_seen":"2026-04-22T09:54:52.065192Z","times_seen":224,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/static/theme3/tabbar/order.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /static/theme3/tabbar/order.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 379\r\nlast-modified: Thu, 06 Feb 2025 12:27:46 GMT\r\npriority: u=4,i=?0\r\netag: \"67a4aac2-17b\"\r\naccept-ranges: bytes\r\nage: 4876\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X6ql1grjB0Lsc3IemPy0dVYvGvAAegORBPA6s3G0I2YHJXQUheFXEyM6IqACfwkvyFhkPWShj7dn%2BzxIN5AKA7nJO86V3OkrNVgvAfnWPh%2BHrIyD7rQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b9f75bdd87156b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"549ffb680d0527849f31e5995d16799e","sha1":"5b9749927e26c7f219f9170784f37a9dc1861c6d","sha256":"c5ee884416417d216686fbbdc70e12525210e9c016655a7020f729d95e5d025e","sha512":"4326949b6fa6b271f242ade578b6712573f0e00ed5cd04ad9040c8522134bc535f048d40ddc68e9397e357d67126cbc991e6594f73eb52016a321411a0b7aa6d","ssdeep":"","tlshash":"46e0686b62a45dbccaa60e760fb0045280b0c9988516cfc6b16fdcfa0a018c855c5f55","first_seen":"2023-11-04T02:21:06Z","last_seen":"2026-06-07T01:38:16.226098Z","times_seen":471,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-c5c0ecd6.2ea0ed93.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.907Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-c5c0ecd6.2ea0ed93.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-32e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":814,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (814), with no line terminators","md5":"8ad920d3141fcfb6940483b0ee0008ff","sha1":"e45b43be13dc2cd8033b3eb424bfdc4b9456b645","sha256":"6de363de93ecc1ea90d66315d79b726f1d0829281515795ca9ff2f597b1096e2","sha512":"60c413c315fae1738c6db6845bf335ce162fe8522bbc8064489726bf889b3fcf3a3fb34ab9a7884910d02ffbf1c30aec497f28bbed57ecaead7f4229a1719ffa","ssdeep":"","tlshash":"0501ce13b656220880b7d6f2a59939cdc280f977e00769f95d328f21cfcb1c21da82ce","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.135247Z","times_seen":835,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-189a2af1.80f557e2.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.726Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-189a2af1.80f557e2.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-af5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2805,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2805), with no line terminators","md5":"468f6b31fc895c922124770cf6c2e8cb","sha1":"08df2fe814f49ce944d01335fb57de8c217c3fb5","sha256":"880c31a4e7c722887deea7342f8e3f11d548a36d5373cbeab820cbbe242adb26","sha512":"08fe2112db174a0cf661d076f32e6e3e5232f79a09f791e186c538f6a042bd9df13654dfcc52d174fe5a33f020718501ca47167563ca7909193e4898a636ec18","ssdeep":"","tlshash":"c35133066f56faadd866c286101f2750e05c6a7c7431d4c9f370cbe4d5908aa039df1a","first_seen":"2025-01-10T12:51:25.896462Z","last_seen":"2026-06-07T01:38:16.156165Z","times_seen":579,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-210173e0.002263b9.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.729Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-210173e0.002263b9.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1f8d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8077,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7977), with no line terminators","md5":"3856338d5b4912dcd744ac73432235a7","sha1":"ca8e82e6caad4cb825f1b50fdfd244bc352c9b5f","sha256":"3356599398fc293cd0d182d64272678ac8c5abe7865d48653f31abc3edd93ed5","sha512":"3f15ecbc998f171b40dce305086627f776b5198d5bcc249340ced7e81f112889cc211e9651c3c4ceb653b72c77f6d308f0597df5d750b50bd673665dc5ff8cd5","ssdeep":"96:5L9GcFsE93gIqYIuOf957+3Ft6CEMYH3CT/8TDvrTu3sL4SGiHsJhr1t0R:5K/L7IaH3wkTrrK3sL47hr1e","tlshash":"11f11345a0c7f6fadc6e9213841e0a31e1312feaa525e087b678cfd01a54d792b2d7b4","first_seen":"2025-01-10T12:51:25.899246Z","last_seen":"2026-06-07T01:38:16.179018Z","times_seen":579,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-75292e3e.3d7c787a.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.749Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-75292e3e.3d7c787a.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1ac5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6853,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6711), with no line terminators","md5":"068d827e81f3643021999d1540fdd5ed","sha1":"222d029f95be902ecc892bbf6394509c8ff96d2c","sha256":"6c7c7cb24a4292a85aba6155e032cb866bf2801f93bc245ee8cbe94eb07bef35","sha512":"89c0d60557993dd29cbe26a19849511f44e1a6b73a7413d80da85391468b55554054ad6942052c32f006599c71fb1214061f1abaf65085629a460851eda207d0","ssdeep":"192:Ok4xlS+7/T/d/f/0/TFNk4DsMk6RFdl7w/r872IPQ:Ok4Xac8fG8ix","tlshash":"ace1db2cf587f49648e79061802f3225a3352e85d426e051ff35cde4165992ea32efbd","first_seen":"2024-11-21T12:34:27.44109Z","last_seen":"2026-06-07T01:38:16.207319Z","times_seen":580,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/app.3bc2ea8d.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.291Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/app.3bc2ea8d.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:12 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-fa5db\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1025499,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31193), with NEL line terminators","md5":"0dbe7484528049cc2bca6b4af1d36e4f","sha1":"02f21b67b3fb5edeb2bbcbe67a114b978eae6bf8","sha256":"9075d998e49395e49d389a93033454a754a6b75d76dfaafe809002e95fed0f3a","sha512":"b3d53582700362721d3d4efa26521a2e63438b0162b555300a01651e6c7a3820408be392b9a260aebf4fc1313eaac78678fd27da84b807a518798ab646ff502d","ssdeep":"12288:f7uz4XHtQAEFn9ogO/xXVb23xHuzNIE+KGwkqkxYE+/mGJoVHDvoW:aaiOuAm0Jqjf","tlshash":"4c354b5872daa3b505d2b4a1200b3b2ca375dee7d28d900e5b75c6c836efdf05027e66","first_seen":"2026-01-07T00:51:01.349553Z","last_seen":"2026-01-07T00:51:01.349553Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1261,"timings":{"blocked":159,"dns":1,"connect":180,"send":0,"wait":191,"receive":730,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/core-js/2.6.9/core.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27060\r\ncf-ray: 9b9f75aafe6b5694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e2d-16793\"\r\nlast-modified: Mon, 04 May 2020 16:09:17 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 7150087\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=8wpyWZyPGCb6wTWc6eUQ7EHvFv2%2Fx3o70T3q%2FIZHVmvGklnneW12xCuelS7V1DSwbGYvzzZY4JHe6CJujATh0uDKtOImooK%2FeqspkdrtFtiY0Te%2FtSkwtxeXxCssYrHAWFUMSBrB\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":92051,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32000), with LF, NEL line terminators","md5":"622c4c9d5dc4b1ee29a2eb908186ec88","sha1":"491753a3f979f7d180af11e1929ffff85e30f921","sha256":"794d1c7ab27be77d366e0497e641488e50f5ae6581b4db51cc08de1e142eb47a","sha512":"2b2485006e3a36dbae0d0d8488ab63ae6085c34d5a6f72c3558c52b492294c157f67ce47c1c3b89498db9ff72f748485fedc04a881f1877f903cfa0df1c8be8e","ssdeep":"1536:PLFpwkiSucuVH8MBfaQQ979S17LMgRCSRjMbEjeb6Gt6UQ:PLbw1Sucu3Qw8gc3gk6Gt61","tlshash":"1f93618cbec6f06642636675413f900bb27a1a86745f89d0e12ed1e4bc7c98f413be6d","first_seen":"2023-04-06T20:58:39Z","last_seen":"2026-06-07T01:38:16.184989Z","times_seen":1466,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":10,"receive":1,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/loading.png?2222","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.962Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /loading.png?2222 HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/css/app.643795bd.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-3421\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]}],"data":{"size":13345,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (8499)","md5":"c6a97415ae5e550d1bd67d24ab2ab03f","sha1":"0387deee2f15bd25b53cf565772af660f93944ef","sha256":"f815db4784d6be231b038e2b7fa60754a9c867266fc1baa4705bc5f73c0eede2","sha512":"beb8cbf8b42461f9f9d782b26e059e8b23d96d5bca16a7b1e724ed34eecd9f8532bdfc37c95ab809f030c398968c29bc6db4db45c648bb960c30baf9c8f590c9","ssdeep":"192:vsNZeKIC+LFGSFGmQnqQngPlKoIFfKyMxgiAQntyztM4/Z0tf+ahaOa0acaiaBaV:vOZUFdaFSyUyQntyztM4/Z0tr","tlshash":"ae525d39da0155aea9d1dd9b9e39f729c4eb8c3b2070e440b66d8d4f8f78fd40226493","first_seen":"2025-03-03T23:57:52.259992Z","last_seen":"2026-01-18T21:42:14.194676Z","times_seen":138,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-37bdd3b6.ab3049c9.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.308Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-37bdd3b6.ab3049c9.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-c3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":195,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"bb2937d5e125d43804baced3df0e2324","sha1":"f05644aab014d7d97bbc85608cf6780c493a05d2","sha256":"e00bf1fa5fb4cfdbc444c4bec56187a9791039e97da5321313d77004d0c64465","sha512":"836ce5593797ed06b6b9e4357d2caae8f7327368f4ad152df77817d74efa3c8d3728445ccee4b72549ec7890d90716a58d56f0e2d77adc14c5d1adc46d9e62fa","ssdeep":"","tlshash":"40d0e9f2551994b98a3bc22500dc7484196bf626d1675189ce829a282dc63013f7425c","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-06-07T01:38:16.105047Z","times_seen":675,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/static/theme3/tabbar/chat.png","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.750Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/theme3/tabbar/chat.png HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/css/chunk-9c1c641c.c03e3305.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 1345\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nConnection: keep-alive\r\nETag: \"67a4aac2-541\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1345,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 67, 8-bit colormap, non-interlaced","md5":"9a9a3c68d20119ec90a21aabb59aa872","sha1":"8d3d8da5e2cfff13f62d0230a8f50fb6eb850bb8","sha256":"c8fcf8de83cd1d7b76eafd9fc6cc4b69cbe6ade29a885d7a709125d9de8cfe39","sha512":"f664b99ccf9a56023f424176cdb57ffd85e44e11de244191095b55adda525b3c3e831063b6ee2eee0cba54d553048d1e7e3706ac7fdffb1c9c89e7acafb0bbb8","ssdeep":"","tlshash":"212130f8f1a80825c36dc2a5c562bb78229c985cd1ec6b893fd0d6af5d9cc5e1dc43a4","first_seen":"2023-05-03T23:27:44Z","last_seen":"2026-06-07T01:38:16.16771Z","times_seen":464,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":390,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/d3935668b7d3435696ffca56e36564b4_.jpeg","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/d3935668b7d3435696ffca56e36564b4_.jpeg HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 143443\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:27:12 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cGZby4%2FvntGagVWkCaDCVGvJ9eWevOppkd5WWIs8ojdGZKpRlWaWtkkrF9G6Xzi6WQWE7ewQ%2FBAPxHqBHlQPi5K61lh5YPxOXNRse6Wkp7tFjr09KBo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bcc85d56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":143443,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"90f1b57fc494b9f239024c3ba154fbf4","sha1":"97638429e365355e6fda0e650eeca40fea1e9bf8","sha256":"cf4015cc406fd0b4392852f83e54b33b631154928246f2a5582e8391987cdc48","sha512":"463a199b032adda5fec9bc37407637a8733b287f46ea6a736e0e3a80ebe1f357781f1cd85da78a58e656a384dafa1709421425ed43506d27e0b287f5bec3e743","ssdeep":"3072:66ILqn7d3KfwBXKkPdaNig4Nn5FXdiKLc285LNflKf:66IL6tKWDEt25djLQNm","tlshash":"60e312eb8d143923ef9cd3115ada0265ca65cf31d68973382c786addbbe2b90134c56c","first_seen":"2025-12-18T19:47:47.682993Z","last_seen":"2026-04-22T09:54:52.09334Z","times_seen":224,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/static/tabbar/assets.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /static/tabbar/assets.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 17565\r\nlast-modified: Wed, 17 Dec 2025 16:43:50 GMT\r\npriority: u=4,i=?0\r\netag: \"6942ddc6-449d\"\r\naccept-ranges: bytes\r\nage: 4876\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c3wxOdiDrSRUEgvnKLahLl7GeWSb842TmLbXad6ZuWvaFvGBrwzz9x7ZyTskVlpUrVT1QhKQ3IpxOf96JR9BXCXFb0trAwxC9BT988dx0Z3z4ybnUsM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b9f75bdc86e56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17565,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"f58533d3d8032a2ebee5b01e4f91ce56","sha1":"373a51128c8f99ac2371ef4b792b2994128091ea","sha256":"aabe3cb48a68fec28f801583b8f7a0e9ee2e893e07e7c792a979bad9ec9fe980","sha512":"7dc05b5ea1a70492d7c3c952b8321f02a103db4c2e69c8b58c546c65066ea8846cb92c183d6f4e9f6940224ab8d12808797460a6392dd7d188e584dd3c447569","ssdeep":"384:F0wD4mqGePGw/4elj5VB4Od1jXkl41jhBjBQYce1n3jZV:FXPw/r94O/4412ReB3jb","tlshash":"7f72e1c278618dea2e860738583fd202e31fe1ecd452ba56846bc20751ecf9d9df54a8","first_seen":"2025-03-03T23:57:52.23244Z","last_seen":"2026-06-04T10:55:59.725847Z","times_seen":295,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/e42026ac2e54cb6ede4973fee9077e61","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/e42026ac2e54cb6ede4973fee9077e61 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74510\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"e42026ac2e54cb6ede4973fee9077e61\"\r\nx-mms-request-id: 6a6f7faa655c4fdbb24b88db8d019731-691b0cae\r\nx-ser: i2315799_c11272, i1940231_c22759\r\nx-cache: HIT from i1940231_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":74510,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 562x562, components 3","md5":"e42026ac2e54cb6ede4973fee9077e61","sha1":"29008402b98d979ee11aa7761ac4f1255a180542","sha256":"77f5d6f00cc8159027384c83cc80c1a20272fcb6482457c9d50c87d17aa7e600","sha512":"542cd5fae3d0235715ed2847361a741a3a831e6ec271ea4e586eeb0664388d7da90288de85d73c8890de5da0db6793968217ffb8f57d1ab9e63aaffa0153b574","ssdeep":"1536:76apW8SylHDr8GClciRJcUeFNXRMVd12yQF3l2iWfSnWde9:eOBJDQTciRJc7+VGyql2h4WU9","tlshash":"be7301c7f821ad4a2639b23733466a4d53619b94896ef155be10d0de3a2ef470b2e019","first_seen":"2024-08-19T18:25:35.649045Z","last_seen":"2026-04-02T18:42:59.741921Z","times_seen":4,"resource_available":false,"data":null}},"time_used":743,"timings":{"blocked":600,"dns":0,"connect":0,"send":0,"wait":113,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/static/theme3/tabbar/order.png","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.745Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/theme3/tabbar/order.png HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/css/chunk-9c1c641c.c03e3305.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 379\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nConnection: keep-alive\r\nETag: \"67a4aac2-17b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"549ffb680d0527849f31e5995d16799e","sha1":"5b9749927e26c7f219f9170784f37a9dc1861c6d","sha256":"c5ee884416417d216686fbbdc70e12525210e9c016655a7020f729d95e5d025e","sha512":"4326949b6fa6b271f242ade578b6712573f0e00ed5cd04ad9040c8522134bc535f048d40ddc68e9397e357d67126cbc991e6594f73eb52016a321411a0b7aa6d","ssdeep":"","tlshash":"46e0686b62a45dbccaa60e760fb0045280b0c9988516cfc6b16fdcfa0a018c855c5f55","first_seen":"2023-11-04T02:21:06Z","last_seen":"2026-06-07T01:38:16.226098Z","times_seen":471,"resource_available":false,"data":null}},"time_used":557,"timings":{"blocked":380,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/api/banner/1/list","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.850Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/banner/1/list HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/m/index\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1053,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"14a12bbe0d810a07fce208e82c8ec26b","sha1":"ff50ebe5ecd49376c08254388b9cd22ddbd2f149","sha256":"c51affbc1bf1d1db5b317e3715d29070c1aa70eb101cd9771e252c32505d6392","sha512":"6e2fee0de1f375774e85fdf2f59fc773138100b5f09458a352b8092f8fa952a4b360c4370ccdf7d39531c0c445f36f968c4f066836e2d5a8a4fea6f05c9bd77e","ssdeep":"","tlshash":"5c118c19db2ef8f8b98b804361bee1d6a01c336fd4c0675532c2c94c89d94756f1aa2f","first_seen":"2025-12-18T19:47:47.678996Z","last_seen":"2026-04-22T09:54:52.12574Z","times_seen":224,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":95,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/bdbc55bd44d2472185ec3ab5ba4e5266_.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/bdbc55bd44d2472185ec3ab5ba4e5266_.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 18525\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:38:03 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bhPUdGxaaw61mEOK38hjA95odIuNss365H%2BL1zJj67BPLloiJqaGdEWM7cXliiZJZb%2B%2FDW194PgKfWcnjV8dqfjRrgCTHZCRX0ASfwJ%2BYf4tu%2BueaRk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bd386556b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18525,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 200, 8-bit/color RGBA, non-interlaced","md5":"87a48792e6f399190e65562c3501f76a","sha1":"35f5173463e05edac8290fcb934a9ee6fcb569e4","sha256":"ddc11fae50e69ace10d8ffafed02aa089d229956a12a062d2bc24d7c1d3828ab","sha512":"06fe0883c262c3b74903d7bc9ccf8b6512bae0c4de68ed251af4be6dd1d2681971969915c701e35a4f42d4e45da4d9f73847c3ffca3ac1d550c2fc674b422836","ssdeep":"384:vRQpxgTe73UBw1uieG6YgBjYs+zPvjR/Hcs9ZDfZmngN0Zsv:vuNEBwX1gBv+DvjSs9ZdAgN9","tlshash":"5482d043da8c8f81b07681d6b0d2a2c789f23791431c2825cf4384f24aba6cf7aa175c","first_seen":"2025-12-18T19:47:47.669517Z","last_seen":"2026-01-18T21:42:14.207045Z","times_seen":87,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/static/theme3/tabbar/mine.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /static/theme3/tabbar/mine.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 4660\r\nlast-modified: Thu, 06 Feb 2025 12:27:46 GMT\r\npriority: u=4,i=?0\r\netag: \"67a4aac2-1234\"\r\naccept-ranges: bytes\r\nage: 4876\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d6xPgsva%2FaAy91s3ZdjcIKkQXGlJrHn3BlGtiPicnCxtPgk0tEPHUF%2BHVwnIScd%2BoiMpOVUQteyPInMili6NrDrA8VtALoJ4cjXNWEQRy5eR5h8cvno%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b9f75bde87256b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 138 x 134, 8-bit/color RGBA, non-interlaced","md5":"9257d7d41f0aeb65c674ea3ee19ef1b4","sha1":"826e3ae0ef20a7f48f69fd5740ff48212d05ecb0","sha256":"f4e0220e488ebe9e5176c587603b0756cc755a8649c13344aea8652d57cd5562","sha512":"e459264955355f76655df49a7ee28a76e31b84ebd37a8fcd2703d011b8eb29696ed01177dbf79758c952b29802b4afb7da894aa869b6e6c596f988764a444de0","ssdeep":"96:F9ICo03ee/GROo9AO7s0BPYx6GYWNHo6JxG/jgIZpEN25Vnj802NKo+pTp3p1:4L0uqrydGthNI6DOgIZzVnjj2NAp3p1","tlshash":"95a16e1391ede97e449c890166d2053db96b3bf0c68897f4149b2fdcd3b0e72b6810b8","first_seen":"2023-05-03T23:27:44Z","last_seen":"2026-06-07T01:38:16.150404Z","times_seen":477,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-01907c11.507215dd.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.320Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-01907c11.507215dd.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-911a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37146,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36752), with no line terminators","md5":"7dc98169c2ae70e9bb0ce61f818fc89a","sha1":"dd4412f9602ab7332b6ddd9e194a8b3ee95b48f4","sha256":"82159e78404597f6748b0ab6cf14c8458ff00ae1ff7fbf021429df7df96a0c1f","sha512":"3041009d9df67c3a317ba77ab4212777420461b143c5fbb504e7912d9e7acadaadf68587be97a11f71d063c1a69932c2fbb223d099091a2d87d67d7418dc0b49","ssdeep":"384:Q1bty3b+E1QIbJn8SkX6A8bJl88IMg2RyWlWXbJ783zq79:oZyqEsPXm88IMkI8","tlshash":"acf2a618b1c7e26b9d7aa022442e3534a0727ec96016e186ff34ccc97a69d74371eb7d","first_seen":"2025-04-07T11:12:04.286593Z","last_seen":"2026-01-18T21:42:14.193132Z","times_seen":127,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2d0b3a3c.5dc5753f.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.927Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0b3a3c.5dc5753f.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-16b7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5815,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5707), with no line terminators","md5":"f97d5322939eb50d1d04e0500f994d9b","sha1":"10869657061793411b2a16b952a9c5649c078bb7","sha256":"acf8c01ba6f3190a31ae470d6b126edc9db1ba45639108cbf9c0fff19fb0e92d","sha512":"a2e900a122dbec48de9e06bc543796cca811b5d3919eb6df97a85702417116f6e7586a6446667f6532165b65c975825f3778abecf7b3acb98d78ae57be4dd702","ssdeep":"96:Vn0LXNkF3a/s057RLnm8jkjotbWDBkviyGYp6B:VANkE7Vm8jkjotbWDBkvY","tlshash":"3ac13230e583d46adc3b9a1051296a36f070bbe6c569f041b3b4c79487f9ea43b1d36e","first_seen":"2025-01-10T12:51:25.902462Z","last_seen":"2026-01-18T21:42:14.328455Z","times_seen":138,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-7dd52cfb.35eef463.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.940Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-7dd52cfb.35eef463.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-deb\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3563,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3529), with no line terminators","md5":"7366e2843a611744e4283c9d3fafb6dc","sha1":"f801ab9804692885ff7960297da89067f6ca13ea","sha256":"c4c8ae0d46797a33adaad493835f11d1964158be41388fea2c098da31367c91a","sha512":"d5d04c8046b57551c6572cf94a5aebe2e53ee890dadf7d536cb4ad50f68715ff809833803c898ac905a88368cf45066fb532711163a8eb97e938e805618180a3","ssdeep":"","tlshash":"0771225cb0c3f028896eb036611f217ae5357dc55513d590af24cee0ba65c3c632e6de","first_seen":"2024-09-10T16:42:51Z","last_seen":"2026-06-07T01:38:16.099151Z","times_seen":609,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-9fd116e2.51f27438.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.136Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-9fd116e2.51f27438.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1c66\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7270,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7258), with no line terminators","md5":"6292f7d901ec6aa7e1792e247f1f7813","sha1":"af6b1d49c095e8e24b9cf461eedbbe970d0c7da0","sha256":"205421f27996f9c325621bbd21e5c1dfed12b03a3c987b17ee7dac58edc95b40","sha512":"406bfbc3b5d7078949dac9ab9c4b673872a938ffbb2b0ec9eb5eaec7e1c5f4d27502b79c7b0e460f0cd3bb73694eb1353b345a4bb12b2b8a7753544bc70a5f46","ssdeep":"192:r3zwKcPhlGNQnrvGEeGVy/tugdtHw1gt/+tA99C:r3JcZG4ow1gts","tlshash":"48e1d7c8a49efe5a1c529152203f32e5e109686a7639e8daf730cfce4ddd5410b2873e","first_seen":"2025-01-10T12:51:25.930485Z","last_seen":"2026-06-07T01:38:16.146205Z","times_seen":533,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-vendors.42f07336.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.293Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-vendors.42f07336.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:12 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-10000\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65536,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (29775)","md5":"bdaaed4e9e1d5e0322ea968e6f47ac0c","sha1":"85c58af8151ed5badcdca952295e8c6e7b3e1e15","sha256":"c9634af5f9b16a9f44d78311163effd76467a2441f744859c96fc066a3b58aa8","sha512":"e23c153981e588a4d6b99c8341da319ce7e9bb16036ff952a8a469910640505b6e7ee7bb9e6d06dc59082f537053bb46cc8d800b82de8a730abee7d743bf03d5","ssdeep":"1536:qJuH03+0goh0dbU2Q+39Ya7C5x+eccVdofh3q4A6R:qJuU3bCbU2Q+3MXccgpE6R","tlshash":"0553e788f2d5b070439771a8402f610bf37ae959b44d8498f625e8e1bdb8dce546bf38","first_seen":"2024-04-24T18:56:38Z","last_seen":"2026-06-07T01:38:16.213296Z","times_seen":803,"resource_available":true,"data":null}},"time_used":704,"timings":{"blocked":159,"dns":5,"connect":176,"send":0,"wait":188,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2d0d2ed4.7c83b00c.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.932Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0d2ed4.7c83b00c.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-2774\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10100,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9994), with no line terminators","md5":"8195598aa993f4eb16721266a9689326","sha1":"dc7c411f3f4b7312d0d5b9a08bf085a395090f0d","sha256":"cb76cd728656eb57e309aa3a598d358151b1dccdcf0c16a8c9501e5999943230","sha512":"1b259f4d4fb509aa0ed0979c75d96cc3006be5c5f6aaa02a9174233e36906f96bd8c6edfb5fa531108e6ddfdfb735e3fe8a2a5ba6d3a0f1abf333521efd4f93d","ssdeep":"192:YGzkL+lB6yLAo50QN5+npu1QwRL2JxAvuZy/0vnA1z+Wf3+jMMq+rUBd+uPOtbzI:Lc+iOlxRITmMe4M0jsL8z0","tlshash":"2e22b7cdd989dc230fe2b3ad342b30d4a117902a7c16545bf3b0eaed265fa415922776","first_seen":"2024-11-21T12:34:27.403449Z","last_seen":"2026-01-18T21:42:14.176219Z","times_seen":130,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-5fa5b614.15686613.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.530Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-5fa5b614.15686613.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-32fa\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13050,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12984), with no line terminators","md5":"09c99aa908c96cb71534b403beecf80a","sha1":"5f2b3d7ae4930321a02440dac2215ecfcde0ad0d","sha256":"0b2fc8265759e8ed9ff37d4893bcfc21baa99f0eceaa012c26af4b1f7aeaa405","sha512":"c0dcd15ff6221ab6f2d54c80bb36006dda2c3f6214b7196f43af0627eeebecd2fc151bae40eff44c25d9a116efa51823faeb29fb7b6e6d13bce9adfa70a22f27","ssdeep":"192:tEWfzwDx6+shl7N5qAZwRLy8dEBGqTydMturitHw1g6IM48GEBGlbBNQn2gcxKtZ:tEiSxBUx/uRqJ41g6In/Qn2gX","tlshash":"8542f9c9d849fe1a1d529111201f31e5e14aa86eb628d8daf770cece8dcd9440a29b3e","first_seen":"2025-01-10T12:51:25.919632Z","last_seen":"2026-01-18T21:42:14.344228Z","times_seen":133,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-7721dd77.0e3d8694.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.938Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-7721dd77.0e3d8694.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-68\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"50a232a7a5154e825f186f95acf29aee","sha1":"802fa9205750afec336d36539e1a913906088396","sha256":"ea9c81db3bf4e708fccee76f211080e15889d6a7efb7134d71e6d728fc0ec5b1","sha512":"3f33f5039d50c9086497763f636dbcca0652a04b23a43337400784b9774a56b6f87bc59100b119d45fca2663fdb7ad9240957851aeece61f177420eabed8eed0","ssdeep":"","tlshash":"fab0127d3440b41604bfe4d6115b33f63c5f01042f7218f40b6500743e65acb490568b","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.218067Z","times_seen":810,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/api/country/list","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.539Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/country/list HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":144,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3f298bb0ac3540cbad44910fb093be64","sha1":"6d19b9441aadc961bc7eb9e603f1e89726f7856c","sha256":"9d27cf53ecf5a19b4eb932ac6fdfbc476101f3854236fb3b15f922b293a0fcc5","sha512":"8146f0151618d4eeef50b085efe220aa791fcaedc99f59178273f5ad4e84bd9a4cf339f8708c87da8f24cdd8b42f1a0eada61d035859fd2544d9e91dcc093561","ssdeep":"","tlshash":"80c02b8a720cacfe47508003440dd36928bd00a6fc883c295ece9f65c1466f0021c827","first_seen":"2025-01-10T12:51:25.837389Z","last_seen":"2026-06-04T10:55:59.758675Z","times_seen":301,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-077d4adc.d477b20f.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.759Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-077d4adc.d477b20f.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-76e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1902,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1902), with no line terminators","md5":"14cc1559da505bf3f520e70bfc15530d","sha1":"98887608abcd4da203e5ce591518ecf7d965baff","sha256":"790878518416dee3793f1a66870c777e4957e6750b6c1eb3027291033b88d138","sha512":"afe0d6b16b4175aba47687cfa34ce49fc9289a9a29d3db4e23fc2ee7d46e421531ea80421429cf36d8d8174c809f7a20eb630aa109cdfb8dcce9e6eb1fcc440b","ssdeep":"","tlshash":"b8417735f92d010db077fa61262139da6044f223c5a626a79d137239cec76c23677a0c","first_seen":"2025-03-03T23:57:52.314914Z","last_seen":"2026-01-18T21:42:14.256227Z","times_seen":136,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/static/theme3/tabbar/home-sel.png","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.743Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/theme3/tabbar/home-sel.png HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/css/chunk-9c1c641c.c03e3305.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: image/png\r\nContent-Length: 678\r\nLast-Modified: Wed, 17 Dec 2025 16:43:50 GMT\r\nConnection: keep-alive\r\nETag: \"6942ddc6-2a6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"77799daa36d79f46d4b281b47653ed1b","sha1":"55373be89e5b80041a0498a720e73db384b30236","sha256":"72587bba2c08d4d3224cfd5c5be4be51b84741142696938d00361e372d2c8813","sha512":"eae2e0e6d68a4b7e1542cd846aa3fb78cb007b0a62f860425bfb544b1c89c9d34eec213d2a344353a0dc30521f4d529edb983f7b4d2c1acfcd1e54cbf7fec813","ssdeep":"","tlshash":"43018393f30668269ea14ee7c33f9178e088c99715e864696a82843d1370ba8f52d267","first_seen":"2025-03-03T23:57:52.309985Z","last_seen":"2026-06-04T10:55:59.584628Z","times_seen":295,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":88,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-5ac9c246.7166d383.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.863Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-5ac9c246.7166d383.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-e5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":229,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"ec064775c3153aa6a62f9b60d59a160e","sha1":"5d5a99b3be437cfc146d5971720486237196f8c7","sha256":"cac26300bc744377b726cf8ffcfb18d937ec9c67e76fa848c3d2c6a309ca7d0d","sha512":"2e4cc9fc530a08bd63c2523521d6396a2eed0d94e932cce1bd84c3cafec0ad2ceac7950e93a9f5ba8f97136c55e9faa0340d91f905c27372a210551941b9d6e3","ssdeep":"","tlshash":"d0d0920c3a4c8821b83ae924a18404c136af36330627ca3b5e202021ef46f743620b5c","first_seen":"2025-01-10T12:51:25.871071Z","last_seen":"2026-01-18T21:42:14.260937Z","times_seen":131,"resource_available":false,"data":null}},"time_used":631,"timings":{"blocked":450,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7r99y-llls9x279ub312","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7r99y-llls9x279ub312 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 289433\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"f51864d37b378859607dd6f662db7f3c\"\r\nx-mms-request-id: f8af59ba5cf94af48aa9f2f5208e7056-6910049d\r\nx-ser: i2315831_c11272, i1935921_c22759\r\nx-cache: HIT from i1935921_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":289433,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1024x1024, components 3","md5":"f51864d37b378859607dd6f662db7f3c","sha1":"23c031fb7394be0f72ed7fad87b35d3ebfcbda4a","sha256":"8a84cc3a338e1a2236b971cf7d9e0feea1890e9775d0fcc918e7a525770b6d2c","sha512":"76b84c609d9ce51b67b87ffb1020465c3bb29952f773a7aa1a7d1386d1321f876d456b10c72a9fc190345e4eda8560fa0bf8c194e2aacf21612d634443e3b844","ssdeep":"6144:KV4evT2oe/igGaRwiYlizxoScYCXV0IJ+pLyj4YvM6BuJ2id5:DN/igGaR1YYzxSXrJ2yjT02jid5","tlshash":"54542363ec364a33d15103b43d13ac7c0e564a1ce8e1a17b6523b8cfa9efa976e0a154","first_seen":"2026-01-07T00:51:01.367048Z","last_seen":"2026-03-14T13:43:25.768899Z","times_seen":2,"resource_available":false,"data":null}},"time_used":835,"timings":{"blocked":588,"dns":0,"connect":0,"send":0,"wait":125,"receive":122,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/de6b6e7d44f2820f592ce31c903e9313","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/de6b6e7d44f2820f592ce31c903e9313 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 129168\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"de6b6e7d44f2820f592ce31c903e9313\"\r\nx-mms-request-id: 5782d3dccff3494a98622c03fa73e396-6950aa1c\r\nx-ser: i2315825_c11460, i1940231_c22759\r\nx-cache: HIT from i1940231_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":129168,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"de6b6e7d44f2820f592ce31c903e9313","sha1":"124a5988af4a53a63ce4de8443c6c95f7e78d54a","sha256":"d5b584a2577fa66da46d943ab002ec40adf940e1d50a2f14126607770e8e8199","sha512":"317debf2e2cf8272a4af927c698040c728d05aef64a583ce8770973809cc15d7dceb904a9e2400eacc568fdcfa462fcdf77e2b56bb9323e4a1d5cbc405b3a266","ssdeep":"3072:zqkI10Flxdslt+zYOSFvvmdzuNODq9iiOGyji7Caaz:zqbOFlxditscm0OxiOlji7CT","tlshash":"c9c3ad1789488b57f56883a8be070e994f466a0cf4c37aff00635ec76aa0b764d4e57c","first_seen":"2026-01-07T00:51:01.36834Z","last_seen":"2026-01-23T14:09:19.465415Z","times_seen":2,"resource_available":false,"data":null}},"time_used":768,"timings":{"blocked":581,"dns":0,"connect":0,"send":0,"wait":123,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7qvfe-lgdgh8swbi91d0","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7qvfe-lgdgh8swbi91d0 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 623968\r\nserver: nginx\r\ncache-control: max-age=15552000\r\netag: \"d5ce4655f1d6df6d278313142bde1b2b\"\r\nx-mms-request-id: ad87b78f411f42f2beeef26109de68a5-68c6cbfc\r\nhandle-by: down-src-global.img.susercontent.com\r\nx-spcdn-request-id: f4f2ef6d41dca82c98d505246c1a6219\r\nx-ser: i1911851_c11460, i1935921_c22759\r\nx-cache: HIT from i1935921_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":623968,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"d5ce4655f1d6df6d278313142bde1b2b","sha1":"161eded4b431459ef0457812634a375a13a8722b","sha256":"7795f20d7e668497f5b0110a78a86b509f88b81a378441bdddb71a1447220ff6","sha512":"7832f7a7d5a41125a23c55d5ea887f2e046586536158dbebb861b907a46018441d8ab79ba909ef1df04cefb13a2bd725f411608227a025ceaf33216ab014b343","ssdeep":"12288:49FGArdSroWyvyQTauqE4lhzX2mGG6xpmNrdvuKFMFSXkm6VusU9aHYjy:yeKqQ+u4lhzX2msxQrdvDFzla4jy","tlshash":"46d412d9e6fbec61b94b8dd125b26ff0320370e145662c99226d38f6b061ddcacf8149","first_seen":"2025-05-15T11:28:59.519115Z","last_seen":"2026-01-23T12:36:58.972988Z","times_seen":3,"resource_available":false,"data":null}},"time_used":842,"timings":{"blocked":575,"dns":0,"connect":0,"send":0,"wait":121,"receive":146,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-7721dd77.435b277e.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.555Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-7721dd77.435b277e.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-3342\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13122,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13122), with no line terminators","md5":"afa8c144cb9a731467483205850e245f","sha1":"ba2b45fdaf5dd66d052b9c61fce85ca0ffffe883","sha256":"b3bd51359c248396e2ae630372f5e6dc315c35e7ca4cb9cb305a52f05827551b","sha512":"8d97ecf43e0b92d40330e3638c9c35e69ab5e26d61da26daca6d0747daf2855a739c6c477a3d2a322d4a1d61510d1b76218ef1450bac6e4e8d9b8b9d0e5ae0af","ssdeep":"192:fAJi5ylzEJShKcliZRb7OZBu5qdzWrxb1UMlfB1cH:ft5yS48ZRb7O+kCxbOMr1cH","tlshash":"24423a70bc641cbe333ac5aa315064985e26f453d1e14ea9f41f77a88fd71ca1a26f32","first_seen":"2024-07-02T22:35:07Z","last_seen":"2026-06-07T01:38:16.125765Z","times_seen":708,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/api/poster/homeList","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.851Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /api/poster/homeList HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: http://og6y7c.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/m/index\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T06:05:52.434608Z","times_seen":5283,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":105,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7rblx-lmwu0abbvhh55e","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7rblx-lmwu0abbvhh55e HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 304704\r\nserver: nginx\r\ncache-control: max-age=15552000\r\netag: \"916886a955268843051712d1793c03d1\"\r\nx-mms-request-id: 3ac2596fcb6c40978a9c0ad3e62da6ac-68ae20b6\r\nhandle-by: down-src-global.img.susercontent.com\r\nx-spcdn-request-id: 7e5a281c8a463c43e3bfa836f43dbb97\r\nx-ser: i2315739_c11460, i1940231_c22759\r\nx-cache: HIT from i1940231_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":304704,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"916886a955268843051712d1793c03d1","sha1":"3720385f6b19c49e92d1261aa30251bed51ffe7e","sha256":"829ce660af241e199eea3c2488ff23a5cc20592197b2b69f387b28157f3045eb","sha512":"0090c24d3514216a9c879da5a2e508a1fccdecf2f2d3140edb45e0c507867861b719e2eaa9137788403bb89973d74cbc34ace95b94ac04f467f71a9238bc1129","ssdeep":"6144:htBYo/RPCyiusQx6ZqvcT65ClxzudZjzof+vKAh45zct/XY9h:m9yJ8T65GxSdJoWvKAhIzmO","tlshash":"ff54563d6379991be8df0e28c03653cb977a5369854f8038ba49d6d253bb349bb06d0c","first_seen":"2024-08-19T19:34:05.772341Z","last_seen":"2026-01-07T00:51:01.371235Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1457,"timings":{"blocked":645,"dns":128,"connect":24,"send":0,"wait":121,"receive":46,"ssl":481},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-932adb64.d362d6ae.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.727Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-932adb64.d362d6ae.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-a41\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2625,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2625), with no line terminators","md5":"6baf6301c2e215f8e8ecec373a734e7c","sha1":"8eee0eca4c9b0fc3a69866a730afd72b88a5635f","sha256":"0576a55858af13ef94bb893a1d0a1e30e77872294ffb95be0d0ac7d4a4c208df","sha512":"24206346f932e96bddedd75cfd79d50ba46121b6fe381548585f58bb6134c8ada39806e28a09d71303f5265cdb3cace4b9a0e76d1fe9cba19d37ebe22cb4f103","ssdeep":"","tlshash":"a151113364585209f13bddd11a0429e66970ba17f0029ffe8d5d3c30efc759626a2389","first_seen":"2025-01-10T12:51:25.879985Z","last_seen":"2026-06-07T01:38:16.114981Z","times_seen":551,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-d646062a.fd7ecd59.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.930Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-d646062a.fd7ecd59.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-75\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"1db8ba3fc65dbf3f188380bcdf134406","sha1":"2cbb507f86ecf66a1d8754c4ca55989642a4db24","sha256":"34d7a991e8686b0c722898afb4868d324b4cee6053c5e0aeb37f76b0245233c3","sha512":"e3d39b9e1b11331f99e3816b78e57c4f253543915a102b9b4ec8b67bad401b0e663082a755ab447931c15da95cbb967d553dfa1176598d72efdb364ca132f6b7","ssdeep":"","tlshash":"0bb092442a8c0012ec9ee2e0b02165c18617b333ca424712ef28a4b88ec30b82061d19","first_seen":"2023-11-09T03:37:00Z","last_seen":"2026-06-07T01:38:16.119622Z","times_seen":813,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-16aecf53.940ea4d7.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.524Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-16aecf53.940ea4d7.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-399f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14751,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14469), with no line terminators","md5":"18b827d1a5881cbe1dea75331998e57a","sha1":"8a69f3f9bbf2a5813c9373940674bb908d6ead82","sha256":"0b62abc3d5ebe6ab59479880aaf3a7aa0860fd6db738bd22250a74e41204b9c5","sha512":"a4ca8e0e8be7b8924b07290de21eee910b8fc50f0d4015f179d5899225f73cb39eab940c1052f7dca535fcc4d0803ba51ea53f9f9da41f39d72f8b1c65ca9397","ssdeep":"192:XZYYky2uE1tJS87BmQt9mvH/CCoblLZ+wyH:JrE1tJS8F/QKdWjH","tlshash":"e0627854b487e6afec6e9522411f3a35e1312fe8e022e043bb34cdd459a4d78272db5e","first_seen":"2025-04-07T11:12:04.278746Z","last_seen":"2026-01-18T21:42:14.201337Z","times_seen":126,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2d0e923e.8b0cd209.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.124Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0e923e.8b0cd209.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-13f2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5106,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5106), with no line terminators","md5":"584af06a2616deb23eaff27c770b2713","sha1":"31211da93d53b1b6f3fb06cfa0deb1a69770d4cf","sha256":"b57124fa023feb12a78b04ff14e182e2d061778e7256906f4dff5c65b6d461c4","sha512":"ba7e2286b70d98cc3cefbc844e28748209baaada80458f6f1d8743a774b2b8ecaf1c2325d8af19ff3832a54f2b0651fcda57c7e18626ad32cea92b7b8ce3dcd6","ssdeep":"96:TKLcRkKk2c72mRgrYR7r7RWYFqQc72mCgrYC7r4CWYFqnfET1Z1zeuNoHWGScG/k:TQVL2i3gE7hWyZiwg17FWyK81Leko/ok","tlshash":"17b1638588a6fecf0126a1a5602f35d47002e14a283250a677bcdfae336fca21f1531b","first_seen":"2024-06-12T10:15:54Z","last_seen":"2026-06-07T01:38:16.180232Z","times_seen":718,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-543bfd0b.62c90df1.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.523Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-543bfd0b.62c90df1.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-13c0\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5056,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5042), with no line terminators","md5":"acba08223d64cb5bdf9a3c3c259769ec","sha1":"f4803920d88373beee4a148c8e8f08989a06154b","sha256":"0110e7a3b8f793d5663658b622b15ab0098d3d651ad72ce03afc3d9bb3e97df2","sha512":"575bf27a75e9b05a02e75debaab52312548ddcdb044a0b146c48036ff2e937533ae26d42b921c830e51b80af8f7c5df72c161786c2f4bef1b070b3fb5bfa2b3b","ssdeep":"96:APDprdN0BH8e6B/oNzGxNvFMM+ay61C96Du5HteFo3VyaDUMTb:AbpJma9/oVwsMVy61CMSFRKMTb","tlshash":"afa10739a3d892dcbc1fc64fa61a2994322b058d72025545a2a9cdb0b2539d89f1bfcd","first_seen":"2025-01-10T12:51:25.917184Z","last_seen":"2026-06-07T01:38:16.181Z","times_seen":536,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-5ac9c246.99d7678b.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.529Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-5ac9c246.99d7678b.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1bd9\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7129,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7129), with no line terminators","md5":"b817e0d7c29c26013ea24a1c25d05a58","sha1":"e39f612ac3b3072512769a5d008678116e5651f1","sha256":"560b5090bfd38a1640349a924ad8ef6465c23b4f4c9125b7bcc8ed1a94a30563","sha512":"a59d4f6e825c8d3fcf2e2a18b016b7332db348f62f26a8f72b3038df0ef710d477a1f0550221c495833da9773e70fdd996b9e9825f9798dc5421c19b9e755a62","ssdeep":"96:R//EAyNOSx+FXZtXhVXlGZ+R0WKTtGWK1Id5xty6sOP5ZBtxjeReOnwFZdYczjtj:R//ml4rvGEeGdId3tKk/BttO1ehjt68B","tlshash":"a5e1d98ca49afe5a1c618161203f31d5f109682e7635e8caf730cfcf4dda5450a65b3e","first_seen":"2025-01-10T12:51:25.919028Z","last_seen":"2026-01-18T21:42:14.309053Z","times_seen":129,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-06ae24a4.686330fb.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.530Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-06ae24a4.686330fb.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-81\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"676e3a2df47d8e40c29c2d1a67127eec","sha1":"e54e8144ef939162c151a843933a98ff020a2641","sha256":"6499fae751b066d09b0d93a067502c15d6fecd5b460c7f5a981dc1fb3b286fb4","sha512":"4314d28a687dba60202a2a5974ea1b39b02a45a2fea359503396553b4bf9c1eebcc4168357fe2e43875ddd2e61c2af72b926ee6a61bc978fae9474a77de421bb","ssdeep":"","tlshash":"c0b02bbe2804790808bfa0e4300b33d8048301003f711ce507b020902b74e8e4303a4b","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.159335Z","times_seen":840,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-51bf3da6.a12c505e.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.486Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-51bf3da6.a12c505e.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-f5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":245,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"e7b9050a6fc82c525a837afd6d11c905","sha1":"57719f330a4cef0abfcc1c092f713bb7f29a37f4","sha256":"6a6107454bacfd475ed4648f0e806d196a689c6429d7ae67d1e34edda569da45","sha512":"c73cdc7b94817e432533a2737487b575e8d6c0b36867a0406ddf314fb95c573bab1259e6ebec994c73ac9354fad97ab6f714f147081bc574660ffc90e4544361","ssdeep":"","tlshash":"86d05eb9774ddc74941ee391254813ec2e403b16132003a3cf622230de0f86059e76a8","first_seen":"2025-01-10T12:51:25.867012Z","last_seen":"2026-01-18T21:42:14.140247Z","times_seen":138,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":101,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/static/theme3/tabbar/mine.png","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.814Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/theme3/tabbar/mine.png HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/css/chunk-9c1c641c.c03e3305.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 4660\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nConnection: keep-alive\r\nETag: \"67a4aac2-1234\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 138 x 134, 8-bit/color RGBA, non-interlaced","md5":"9257d7d41f0aeb65c674ea3ee19ef1b4","sha1":"826e3ae0ef20a7f48f69fd5740ff48212d05ecb0","sha256":"f4e0220e488ebe9e5176c587603b0756cc755a8649c13344aea8652d57cd5562","sha512":"e459264955355f76655df49a7ee28a76e31b84ebd37a8fcd2703d011b8eb29696ed01177dbf79758c952b29802b4afb7da894aa869b6e6c596f988764a444de0","ssdeep":"96:F9ICo03ee/GROo9AO7s0BPYx6GYWNHo6JxG/jgIZpEN25Vnj802NKo+pTp3p1:4L0uqrydGthNI6DOgIZzVnjj2NAp3p1","tlshash":"95a16e1391ede97e449c890166d2053db96b3bf0c68897f4149b2fdcd3b0e72b6810b8","first_seen":"2023-05-03T23:27:44Z","last_seen":"2026-06-07T01:38:16.150404Z","times_seen":477,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":376,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-ffc2961e.07a681bf.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.319Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-ffc2961e.07a681bf.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-ea\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":234,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"335494c83d0ab57b3041100fa7d6263d","sha1":"373d0eb5ca7ed8340fdb1300fd652339d2de7c81","sha256":"4223177d0678c350c634f558c6055589630047e94a59dc32aa6c6db44f020dc6","sha512":"6f431b53de52f295662a6ccc14fe7927ba8f8fe66b94e54092a5f6b11a417a1d7cc871fc82562743ba0c42528e2b59e2ccd6fb4dc9c769ad04283ea367f3cb88","ssdeep":"","tlshash":"22d0a7543f4d4275fb77e3d4f51b28826230e3b3cec102d197209455cc870b9200e474","first_seen":"2025-01-10T12:51:25.889473Z","last_seen":"2026-06-07T01:38:16.131945Z","times_seen":551,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-250cd2dc.4cf16b04.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.165Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-250cd2dc.4cf16b04.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-96\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"091f4c0d35cf00184a04622ae52b2624","sha1":"176269dc52ce5d5f6d777745c61c10c2a04c7d25","sha256":"54e7f16f1832e2a3fa11b2c114ad46c90142c333b5c155353bc0878662bfde4e","sha512":"bac2f02a0f493b697ffa5492e76831eb473c0f97b5ba6fd87d6faee7cad38992b1e66f69b0b2f3fd18017a9caef9d410e5e8f90ee6eee141fc40eb9d1738aeb1","ssdeep":"","tlshash":"73c02b50b60c56508037d0c5c4c00851206a3b1ae62797f78d01ed35cfcf160b58e584","first_seen":"2025-01-10T12:51:25.86084Z","last_seen":"2026-06-07T01:38:16.230756Z","times_seen":548,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-9c1c641c.471bd454.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.352Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-9c1c641c.471bd454.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-39d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":925,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (925), with no line terminators","md5":"1630e44870c051f166fa952f722d4725","sha1":"bc968080544a2e59e8e026de0abe54359d28e39d","sha256":"6c95e0a7e350c2c80e72c4240857bec35219ccbc7ad3fc34d61290e62a7c20c0","sha512":"a45ad5fc2885dd1e50f162373b8dd381440eded0a0ec9907082e5c05f0ec84ebe51874bd3d3835a1b53995f552adcb05f9007d845adb0c1e3cc046d2237966b1","ssdeep":"","tlshash":"7811cb4d39a5b1133b2b64a4106f72889de7218639bf6c91d164c4909f7258f116bace","first_seen":"2024-07-16T23:08:15Z","last_seen":"2026-06-07T01:38:16.12941Z","times_seen":631,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/icon?family=Material+Icons","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /icon?family=Material+Icons HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 07 Jan 2026 00:50:12 GMT\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":565,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2b7a8d84952a9183b106df19f711324e","sha1":"a92c5e12b422bba9ebb447e1852d9681487361bc","sha256":"282801a0d182035440d5ef6d429d227126d2e6720a52b91d31a7d746c758154e","sha512":"d7ef3f86fe9fa5730a118c688b8f779e82ec3695df5ec48953905ed078ef4d78a3c8005021574d936f69ff0467968b6e68fbcb0680894470abf8f26200af2e0c","ssdeep":"","tlshash":"c0f0c064be0a988566110c42370f3f164d1d401fa80ac8fe8b911d4c8cff1bb134670f","first_seen":"2025-09-17T21:11:07.996842Z","last_seen":"2026-06-07T07:57:45.858208Z","times_seen":46758,"resource_available":false,"data":null}},"time_used":1166,"timings":{"blocked":554,"dns":0,"connect":28,"send":0,"wait":45,"receive":0,"ssl":534},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/f39a2d2ce13f443e94eb9616e3795078_.jpeg","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/f39a2d2ce13f443e94eb9616e3795078_.jpeg HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 109200\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:26:45 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h9SK75UmmS5njop0qUPi%2FvLFcHrxiVK9DtNPZMEmDDViVAuipRnsRmD85Q2l%2B7peQwPlWTRp9xraK7cq2AsDYgWPCkyPdDbvtlIj%2Bg3oq%2FuG3%2BXv6uI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bcc85b56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109200,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"83dcbf6326a347fe55c0c645f55914ff","sha1":"b1b338ad7114f3d74f317706b4428bd6f3fa081a","sha256":"eb5ad397521bff280894a761287ecfb2e2f36c1952b4b98d2f2cd32ca21802a7","sha512":"168834cd8d427be21b9e5b3857e90e5a060d025485082f6288ccdc03ddec604a41a941487762d380049dfdc5340bad35f78743e12cc68eae2f364b641694794a","ssdeep":"3072:OeTqV12SDVXvvvGWQ+X3sFNmLi+y0wgIWz8iHOwwwwwwtPd:O729FwumTzLwwwwwj","tlshash":"e3b302270528ef03916cd3733f39196a2bae1e5ce29831f576610e5affa27462cc9454","first_seen":"2025-12-18T19:47:47.612229Z","last_seen":"2026-04-22T09:54:52.068906Z","times_seen":224,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-f045b624.fcc4b9c8.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.107Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-f045b624.fcc4b9c8.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-78\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"7a2294f71fa3fcb9df3f49fc4b6af4a0","sha1":"e3737db7515fb7f5ee71f08e997263adc7859680","sha256":"53d54f04576875a8355e595f7a10f2530c5f8468f1e5bf954669f7f119b5c8e8","sha512":"b4093c4522fc7a720a005d30b757639615f52c39ecc5140e8c69d0e9f016e11a1707f0442341922e61f38e182c2ec5ea238b991c2c17e1c51aaa24ec2d1f295b","ssdeep":"","tlshash":"aeb09270bc4c080d23b7b3592264ada01e247152ea8012296cb0d262ae033a2344ac86","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-06-07T01:38:16.137585Z","times_seen":827,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-14939100.2eb31734.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.523Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-14939100.2eb31734.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-d6a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3434,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3416), with no line terminators","md5":"93d0e224bd12c00a770a74d8c1dace6b","sha1":"e6c2e8385f949bfd4d44ff1ffc0fe6ea44ed6d5d","sha256":"cf1a24a9260bb4e2cf1b78f2734d48d182578e8c43348928c7e4c3fe616d2649","sha512":"603b793c1822b2301d9dc0aef86eb92e619a7b69ce1547c40e5680f9a587683630f223c63a4c5e2f9f463bf3fc8e59046c8d14474e60f57f54d57ab542d0a573","ssdeep":"","tlshash":"62611004559af6b5c87a9011a22e3720f1793fa58032e08af7a0cf951ad4df7571eb2d","first_seen":"2025-01-10T12:51:25.894809Z","last_seen":"2026-06-07T01:38:16.201908Z","times_seen":576,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-6698de45.e1984af4.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.742Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-6698de45.e1984af4.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-4347\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17223,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17043), with no line terminators","md5":"5f3fe7b4391a1b7304abcd9c3c6f55cd","sha1":"f2de771ca78295b85e6cc623d79f4fe6af541b07","sha256":"38c6a2d4960cfb06cf15e5e3efab2a5ab8bfddc1b4bb68489722bb1109c01239","sha512":"deec0997cd72961560169f45c630f18c177590e86756f2d6e79cee1e80ef975c2e42fc963a285941cac996ae2d051ba9fdff2f749995741375c40877e5f2e069","ssdeep":"192:i3xkwOxCMgpCU91RhPj6YhOWvDZ+J2B6bJi4QyvdUcc6ca4f2:i8CMgp7b6F526bJi2K2","tlshash":"73727614b5c7e6ab9cae9021442e3525e1323ed9a026e186ff34cec46928c75371ef7d","first_seen":"2024-09-10T16:42:51Z","last_seen":"2026-06-07T01:38:16.174525Z","times_seen":608,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-7ebcf264.db3712b6.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.942Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-7ebcf264.db3712b6.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-2cd4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11476,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11394), with no line terminators","md5":"498a899df615cfafc276472b1be881c1","sha1":"98fbccda6c5d4f420bb0369591076be6ceb7c746","sha256":"9bd10b776c016be8f501f8bb5f36d42b210fc0ffa2c3423cd0056d1c8397967d","sha512":"f06de60b25ab349e02888bfb395142cd4f28f5fae94b3b7810b1de947e083974ee4b220ae2012a62a9cf2bf1fdf772b0792118cf7b6d3f1e01423a11ca21daf7","ssdeep":"96:uT2XkyNK8ToTTTw7tBK2Du7FtO4zP4kDcUDcR0nm0n39X7oyXHG1P45fyAe1cWpH:uTOkrDzXP/6hYGy2iMNDFdp","tlshash":"a6322159a48be6aedd3f8021806c1631e0241fe6c739e083f778ce6842d5db46b2d76c","first_seen":"2025-04-07T11:12:04.200468Z","last_seen":"2026-06-07T01:38:16.158758Z","times_seen":531,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-06ae24a4.fd43ee93.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.757Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-06ae24a4.fd43ee93.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-bb0e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47886,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (46623)","md5":"177ff7e3310c02d7e6a139a3237e0d38","sha1":"375c1fac3912c4b63c01d7bc241aa43ed0055460","sha256":"db079d71523907889a19e611a38e528a3405d89d22506634a177248f03f93226","sha512":"004642aa9fe53920ff46cbaf93784da99051143c22aa04e4e24ce332e2556b057d331a481f31ff427dc0b5ef0cac013c55e41764af8496f59366278918044741","ssdeep":"768:KEkZgRUp2R7p2ROwo1OAPkuD336ya5hrCen0eTg:KEkZYwo1OAPkuD336ya5hrCen0eTg","tlshash":"9223b89a48a1224591234e56cbcc9fa8473cc76364b25cef33967c4bc745bad23ce617","first_seen":"2024-07-02T22:35:06Z","last_seen":"2026-06-07T01:38:16.10846Z","times_seen":762,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-082f7c94.4fb78762.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.761Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-082f7c94.4fb78762.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1050\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4176,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4176), with no line terminators","md5":"3bb0a325933a9ab0e88dc2ba85602ce5","sha1":"a8c722a6abc46b8783857bbc0c5bcd45dc4e7c04","sha256":"28e8c50ef6cb0ebc5145933d38ff0ad53754d5f3ab46d7dedff06df249183fba","sha512":"86d63977f4da3dc9eb87ce04e27c499b0dc030c2adc4138216cdcd6ba1dd85436012054e28a142d900ff37a5462462851840a3c1c9792ea409472712780dcd6e","ssdeep":"96:DJH1W27B/QV+Saol3mLycpSzGi//ktfAV+:DJH1N7B/e+SaolkS+1","tlshash":"27818672a21d4208f53bf6b025789ddd1970e22ba1834be85e597421cfc72933376ace","first_seen":"2025-01-10T12:51:25.853356Z","last_seen":"2026-06-07T01:38:16.219188Z","times_seen":548,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/static/theme3/index3/1-3.jpg","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.716Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/theme3/index3/1-3.jpg HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 47068\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nConnection: keep-alive\r\nETag: \"67a4aac2-b7dc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47068,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 537x378, components 3","md5":"a7f2c505fc4bddc550b902c81f0fed50","sha1":"8443f7f5b2b42cd7125016703535d4a70d6faea1","sha256":"13657cefe8bc16f181cd20e55c29261cd0bed1e71bcee1919a64ee84c721c1fe","sha512":"a0b61cb45ad444aefd4d8289965799bc14f223ff9ef96072ebc04c28d4446da15cfacdf6d43c4dcbd0d3c5afe8933d3407eda040282c3d699e6735b128245355","ssdeep":"768:E8Z2y7obgF8OgP9OWNiod9melDs1VKUzJcWjdfOG8vBwZ50hzH9XOtsYsZ91hNGn:jwrOgMWNxmYDqVPVcod38vB0Q7nz7NYl","tlshash":"5c23e015fe49ac02dee511ad12a2c4645f316849ece2f9f8b0be21f776872698d3035b","first_seen":"2025-03-03T23:57:52.258056Z","last_seen":"2026-01-23T14:09:19.53707Z","times_seen":150,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":51,"dns":0,"connect":0,"send":0,"wait":183,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/95ea5114e27e46bd46250835100a6cbf","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/95ea5114e27e46bd46250835100a6cbf HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 119666\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"95ea5114e27e46bd46250835100a6cbf\"\r\nx-mms-request-id: 1de9871011124ab3995855e0e6c6b433-690409bf\r\nx-ser: i1935883_c11272, i1935949_c22759\r\nx-cache: HIT from i1935949_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":119666,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"95ea5114e27e46bd46250835100a6cbf","sha1":"3fd9645323cff896a039376a850d14e29e02b4a5","sha256":"8db5e46fe72c1a28077320f3c78a513e0dcc68a931a2b2416d4b81a826a8ceae","sha512":"bc0a88d20ac712bb861e6e526452a40738b3161f197989c317534cb2f4305bc3e278e953d95e808d02bce70c72271d77da86081a6d736f9264c37902a56f1055","ssdeep":"3072:ExleGiSLwFJigS8bGWTHvzUdRoX0t8NacqLu:I1DLHgS8bnT7UdWX0tIacwu","tlshash":"43c3e02bcd085783a46d83bdfd570d2d0f4a161cea8779fe05724ec77b2aa124d0e46a","first_seen":"2026-01-07T00:51:01.389734Z","last_seen":"2026-02-22T23:56:56.160641Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1217,"timings":{"blocked":633,"dns":0,"connect":31,"send":0,"wait":25,"receive":50,"ssl":472},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-cefa4dd6.ceb1f577.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.911Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-cefa4dd6.ceb1f577.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-608\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1544), with no line terminators","md5":"4f5c3e0936d5f86c34c8a8a3e48eb731","sha1":"d986b9f658e4860865d5ba3b70d01c23480d9183","sha256":"0a2683401ed89953e511402e3a9590f56a867918b623a36b5b69f2cb5f2493c4","sha512":"89962414c7ad4e8f104711c2b359296fa9fe67bc6cd67b28de09121e0a53dc595a473a00eb31141bca7f739dc7d71b8227fe400d1d2a337b8d3f6d48b301aa8c","ssdeep":"","tlshash":"6631b123545612087367db77262193d351b8e232f83207569ac3b536cfc75d625ef28a","first_seen":"2024-09-29T13:50:37Z","last_seen":"2026-06-07T01:38:16.164785Z","times_seen":610,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-fb9a6e1c.18e63057.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.137Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-fb9a6e1c.18e63057.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-f8e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3982,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3982), with no line terminators","md5":"1222172e2e65b589760538e32d85338f","sha1":"0764e6c652b1c3fb343951928f72e662d4f844ba","sha256":"a2438e112e09cb9101c879598ab4aed5956ef8d7d65f869fce501e8842c192bb","sha512":"88694b37e41f62273af46b818c62565d51fef1a001abfb416c7966dec6b98a06db3d64150b7f22244627ea83d9e346dcbd61a12fddb7cc3dc304d5300e217e52","ssdeep":"","tlshash":"2d81ef3638596308d07bf670b6a00a8d42b9f107e28317da441bab26cfdb5c621bbe55","first_seen":"2025-01-10T12:51:25.88867Z","last_seen":"2026-01-18T21:42:14.229321Z","times_seen":131,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-26742610.878e04d2.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.924Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-26742610.878e04d2.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-cf56\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53078,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (52560), with no line terminators","md5":"ab5cadd39b8e2c9a97682bd6102fbfee","sha1":"bd9537b4dee413e52063a6440e5de6cfaf4b26db","sha256":"e61d3ce051b4bb715c2bdf39cd9c6f83d098efccd0d47ed365313107513fcf02","sha512":"1b390696384da91b9613877aae6ffde5ed6e75ac2373aa1f034052fc07642d89ae9519d650b29de82270f9687458d70811f41453334f5328d0fc5c79b556dbf7","ssdeep":"384:wGqLJiP6oxrZXHWZcQqcDk0GY9BtVoTZXHfZFrZxmRe83UEPZd0WIZo99xV0mY4Z:wGrRI+L2XrYTom4n51","tlshash":"6033961ab58be2afcc6aa052811e1930d1757fe9d025e081f734cd9496e9cb8373db6c","first_seen":"2025-01-10T12:51:25.901568Z","last_seen":"2026-01-18T21:42:14.157915Z","times_seen":128,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2d0b5a45.6acc96ec.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.929Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d0b5a45.6acc96ec.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-bbe\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3006,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2990), with no line terminators","md5":"94fce710d5a4657ee567a62c74db1020","sha1":"7ba4b6cd93bbe00ec7526c06673b012e14cb2bc3","sha256":"6ecd051eb49d14764dfe92c78184c6d25717d50084cdeea8959811337848641d","sha512":"b8133c7b6492d358ccaa8fd357efc68472c1a4d85b2814fda3f1107ce036cdf4340095814a9b356e9a9ad86882577b73874785e0ff8216602b9bb6397756b093","ssdeep":"","tlshash":"ff51744831a3eae702e9a092b82f3705f3753e499421e05577e1c7d4da685aa331bf39","first_seen":"2025-01-10T12:51:25.903742Z","last_seen":"2026-06-07T01:38:16.120182Z","times_seen":537,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.4/index.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.15.4/index.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 121691\r\ncf-ray: 9b9f75aade5d5694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6109231c-1db5b\"\r\nlast-modified: Tue, 03 Aug 2021 11:06:04 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 3968540\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=6T5sP%2BP3a7Cf7HLqxjGL%2FfrmQnbPN8GrKt2SEoR2x5%2FUEZtZUPK5FcrYpAKiS%2Frl1wV2pAm%2BOGpJvDHNrpiGl2vsQgWJ%2F6wfCgYC3QfEz6yytihPp3x1GXP5HLyrOW58uHqMzGka\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":585656,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65105), with no line terminators","md5":"c51f03d35129d9d1a9da65b24cef7fa7","sha1":"1e1d550d978378980dc3aeb60012da86c2355c4b","sha256":"339747e3a960dd82946bb6b06fcf1dda76b9ee786a337726b535a1d86d6b9c0c","sha512":"8c83157d1a2d4bacafc89ed01d444551151772f1119272c303ace71aa12b6f1fba29da8c9597e2a9baf670c93768286a405a70186b92ba5aae84554b9123c1eb","ssdeep":"6144:K4lrdS1Vqp5xb+XzxEXdUfM2Z0a54VXTnDBHiSuLx8isMZg07LQi:7vS1Mp5xb+XzxEXufM2DEDVHDub7LQi","tlshash":"04c41b8d72c1b5314ba36070503f250bb33b299c680980dcb679d8ea6dbd949526ffbd","first_seen":"2024-03-05T16:56:16Z","last_seen":"2026-06-07T01:38:16.197412Z","times_seen":819,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-543bfd0b.0b806ae0.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.514Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-543bfd0b.0b806ae0.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-6e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":110,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"816d80b42a21f216380a30e6500d6f7a","sha1":"3756ef95852f0629166368525773a88d8e0bdd89","sha256":"4b85d91cb2ba95400d06be06c2c8ebccb68766c332ac2a914cc9678316febe8f","sha512":"d74f393865683c8d273204abd7265ddf1318b48225d5c3978c7edefb9a47fe00656111e68f20c561c2c77e10b9568ffe7fc04292d5cdbcea0e964dcdadcd1980","ssdeep":"","tlshash":"4ab01200b81c050f02ebf348a274d88734383993cfa8133d3db0c9b08da31503402c81","first_seen":"2025-01-10T12:51:25.868363Z","last_seen":"2026-06-07T01:38:16.160351Z","times_seen":554,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":74,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/5ccb806f4887401d9f3074842216c7e3_.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/5ccb806f4887401d9f3074842216c7e3_.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 86811\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:29:27 GMT\r\naccept-ranges: bytes\r\nage: 4876\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WqjY7xVknwS5H9RKsvs7wS6FVo5I7qvZGVypOz8uGEq9gF2S0MiH1Wr8cgBhAzfi%2BLU4ZrEzrnLSVzs6ed3xQeQi3MIFkl23pQadWCmovIbS0SnqIf4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bdc86f56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"8e88821bb1dac647065b32143d790ef0","sha1":"01ea1c3b276898ee3348eaf65979d12cb989052b","sha256":"c13cb4b58d8680f6308f8fe40cf28e2ac9bd1243a01b0aeb67a208a44027b9e0","sha512":"420eba64061ffda0c2401ce9205a6f82b564dc1c5cfbfbc4e07576066fbf807f41fff486ab4eb0e392cb0f847b79cb504dd16f5d55ad1296d2d383656377872f","ssdeep":"1536:VMCAVk8EwI65Cpg0WW7IZeE38Je55Eea7DWzhGF6Nk+D4zXkS:VMdkgfQWW7Qn38OFaMzzD4zXkS","tlshash":"4d8302c9c88655015e1633cce252f5e0cb0eea10ea35070ec59ef89a4feb136dbd6583","first_seen":"2025-12-18T19:47:47.598607Z","last_seen":"2026-06-04T10:55:59.54671Z","times_seen":267,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2d207f61.85c1d870.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.126Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d207f61.85c1d870.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-b4b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2891,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2875), with no line terminators","md5":"ce951bda38552a6d5eb495a81b60a04f","sha1":"64216cbe03d5dd49be3d3f79ea27d9da9d2f586a","sha256":"1cd3b784101271e03ea653d67d3cc374af0d49c93d8eb1480c5f5f21cccc53dd","sha512":"3d3358f2c61ccf182701c090a2033a0d942c020595e9659c12466bca780e56789db36ccef66da4fbfccfa1a1661067b3a69a14b5b89db47d223656b5dc02b0aa","ssdeep":"","tlshash":"c451979ca1b6f99702d28246642f07cfe33437184c32e412bfb6cbc4e9ad496225675d","first_seen":"2025-01-10T12:51:25.90949Z","last_seen":"2026-06-07T01:38:16.209853Z","times_seen":579,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-932adb64.c32f0e42.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.945Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-932adb64.c32f0e42.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-3597\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13719,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13595), with no line terminators","md5":"3db019dd6954f9874e67fcb54cc10431","sha1":"e16e55da7ba80c46c6231385c1a32045c79a31b5","sha256":"c28857661ba5c6e48d7e449816878c9cb7b64529e216f9bdab600752abf40266","sha512":"dfd05947aaf6661c813ce960ad4737a79fd6a56d9badfefa1f4472a692b7ecf27bbdb19ffa80178acb939887fcbedcbb46e04492841ea48da8442a4eef586ce5","ssdeep":"192:Ff5EVraVcIJnPB+n4dFP9v6NYstio/jPmIcR25h:l5EcrtkNUo//cR25h","tlshash":"97527409b9c3f5aa8c6aa051402f2935e1363ed5a022f141ff34cde06a65c75371dbae","first_seen":"2025-01-10T12:51:25.929695Z","last_seen":"2026-06-07T01:38:16.139061Z","times_seen":532,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-c5c0ecd6.3ea8363d.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.142Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-c5c0ecd6.3ea8363d.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-e03\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3587,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3587), with no line terminators","md5":"41fcdae977e717a12a1004b9651eb9a0","sha1":"af9a14f6643ea30a0d58ac26b2a11c6b6e85f65d","sha256":"23b68516d5c626627904ec97e44374bc1b120f088bc64e085b77805c895ab0a3","sha512":"26a22d896954e3ddf63dc817de327fa7997e532ae4205e97fafdbb44245b4c0a87295c6937230fb4d7559b8a8975e5e097b683455665d222ee168ce41cdf70f6","ssdeep":"","tlshash":"7771a4aeb8ccfedd08126150583f3114f18a2c01e86454d5bb75ffd58e86531099eb6f","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.184282Z","times_seen":801,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/9cd8f17b83bf43ab9b89258992900475_.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/9cd8f17b83bf43ab9b89258992900475_.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 130333\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:37:44 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1vthG7RwdYwKI%2FnqcFdXofqqpgOkgmTUl9tz2yG%2FxJgq8I5gTwtS6ZKZ%2BZDUsir%2BAve%2B0Bt6NPT2G39h9fec%2FfVI3kKL0K0o0qvBdlf%2BI2mv2ytaXbU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bd185f56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":130333,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"f5aa01869f06bd5b3ab1e71ac61091a8","sha1":"6bf43f063eaa5296f64343a69569cbb35ad648d9","sha256":"4d02780787c1e5a1115b8dc760a321a1daf423c22a8fe35e5705d9b0e87af3ef","sha512":"35d5dfe245079c8fbb7b806fbef85eb7abc07206f9a9dcf398445ae253b468ce7ba467daddc5d939a842e31caf3f4123e01072dbbc8b36756e05d870c9d9abd2","ssdeep":"3072:p9x78dLWt58rV/yuZe2HfJgy6bXjSfsl3DAA/:p9SdLECrV/guLf6","tlshash":"02d32328a5b879c5fb177b0638a23b18271855357727ea3894f3b75e92f87024c4123b","first_seen":"2025-12-18T19:47:47.703406Z","last_seen":"2026-01-18T21:42:14.151735Z","times_seen":87,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/92eb53cf5b320fe5b77bebb89cb3dfa7","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/92eb53cf5b320fe5b77bebb89cb3dfa7 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 79052\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"92eb53cf5b320fe5b77bebb89cb3dfa7\"\r\nx-mms-request-id: 5aee6b9ca7284e7d92b33675ba3b8fff-68e7208a\r\nx-ser: i1911851_c11460, i1935945_c22759\r\nx-cache: HIT from i1935945_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":79052,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1024x1024, components 3","md5":"92eb53cf5b320fe5b77bebb89cb3dfa7","sha1":"eea99f109278b337d28302adace5addba66f3945","sha256":"aae32413f2ee40f9209bbe53e6a6e200e79b8078f178964ff7d1e5ff410bb344","sha512":"b51302d34ed46b35c6430c1c52d9130725e00110505870839a8bb65b2bfd4e90598c8a2d24269ddb0cd3bc8c8a63b0d9e139a327f0082ce23a6e01eeb68ecbb5","ssdeep":"1536:THMLVuhOuIgdw6LVKT7IHFM1QlCHARQS8yGws78RugaON63:gLGRL6/1QlmqrGVoRug/NK","tlshash":"747337578c588f436028d7e9bf030dac2f1a566da9c276fe01220dcb6f647764c8e16e","first_seen":"2024-03-03T13:35:34Z","last_seen":"2026-01-07T00:51:01.40019Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1288,"timings":{"blocked":627,"dns":0,"connect":35,"send":0,"wait":121,"receive":23,"ssl":472},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-07f01604.862733e4.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.328Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-07f01604.862733e4.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-fae\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4014,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4014), with no line terminators","md5":"2195639468928533275ba7f071087cc3","sha1":"0e525068ca00f15f91772aaf6759025082fa02c7","sha256":"920bef6bb84844bd331f8f43f7c0e46aef7d6492426090103683ee1f28daba2c","sha512":"6fe190c8d5984970691bae634ca578e38c246b24fca02aa50088b32fb27fe712e2904fd8ac2bbeaeb3839354bd57da2c220de8002d8c0b263e71a1793c928a5b","ssdeep":"","tlshash":"0481a62ab1db34a6106fa080243f3202b33425455956d0c6fbb0c7d49b656ec7d7bbbe","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.1003Z","times_seen":813,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-0fb71da5.08e3c924.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.521Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-0fb71da5.08e3c924.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-4cd1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19665,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (19423), with no line terminators","md5":"3386c6494ca17f50fe1f06e4fbddd32f","sha1":"51a607c5e9fc4930fce7a64d20931823cb790884","sha256":"b63eb584db1bfe454f5121bd0fc610f6f33530bbd60b95f18eb05529353fb461","sha512":"cdcc1640e1527b57b66919096500811960cd399853b846db4fc53f69bfbe1f965c10bda4e57e3be6e71213aa24318febae7aab625e309fcf26b64f0c14cc787c","ssdeep":"192:nkTPjtvXoHoDZ+wH4uolUb1AQqJ918SKCpJlOA1bJpulPqdUcc6cn6:nkTbtALwH4uolUb+cCH/bJcad","tlshash":"3b928518b5c7e2ab9d7a9022402e3525e1317ed9a026e182fb34cdc47929d78372df7d","first_seen":"2025-04-07T11:12:04.256222Z","last_seen":"2026-01-18T21:42:14.17552Z","times_seen":126,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2d21d0c2.090e3250.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.127Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d21d0c2.090e3250.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-4eac\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20140,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20140), with no line terminators","md5":"98fc4f7d659f3ff5fe223a0005d30e5f","sha1":"8464c1b8138ce0a4b902c403fbbd61887b215a6f","sha256":"3b4fea3e5f45315e8243cf56781d0df5722e6133942671dc592ff479ba8213e5","sha512":"205b160455a2df2174059f4306d93b67d21c207f50caebf6006df72c501c954aaff7770273e5a68c9190e82251c6f62cdec564eaa28947bcb6143ed41b6029ff","ssdeep":"384:S3v3YBYcL1rAAdTRA7v0zwrmSHHHsglQFx+m1OPNtOVSLMyoLyUhyytGojYPFKp:9zwrmSPG8DOyZUoy2m","tlshash":"4f92e6e9f35542f6525d5cc5286f201ba4b0a4262c1a41acbfb5c0e7e8b8fd1787af70","first_seen":"2023-03-10T03:00:05Z","last_seen":"2026-06-07T01:38:16.22947Z","times_seen":1222,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-385c545a.d2a36315.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.322Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-385c545a.d2a36315.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-28fb\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10491,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10417), with no line terminators","md5":"ddb02e45d37e1639cd3384f733bdb3fe","sha1":"9d991775f4ae663e220277c089e9073a500e6c9f","sha256":"3282f4d68e030666db13fe7fd07d974a17c345ffadb4198fd8550b426dc29ba8","sha512":"8bdbcff92fb4750044670b130049c5b9a3520c036def3409045f1cfff424d9e3a5a7d5e806ebb895f2f3ec4be25869bc3515c4b6d35dcb4d7f28bbdc30b5cda0","ssdeep":"96:5fzkx9RKgp26fTX6eHrS1HeoHeQQX6QXuMU9TisyTsaJ2g4Hl/TVhD4O+gktmIFk:5bkQ2zLWRRHZzjyvm7ktVFdS","tlshash":"71222e64a487da99ec3f4422906d2371f1643fe6c738e082f7b4ce5902d5da42b2d7ac","first_seen":"2025-04-07T11:12:04.213589Z","last_seen":"2026-06-07T01:38:16.107298Z","times_seen":532,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/static/theme3/tabbar/home-sel.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /static/theme3/tabbar/home-sel.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 678\r\nlast-modified: Wed, 17 Dec 2025 16:43:50 GMT\r\npriority: u=4,i=?0\r\netag: \"6942ddc6-2a6\"\r\naccept-ranges: bytes\r\nage: 4876\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zfWlYF7MRuyDbI4kRtuud8p%2Fakln0wTwYodw58Mtjk8qxBCBH0w04Mq4adNe63bOXPY%2FnMBBdDy9um3s7mQtZL7pG1yhHobx5I%2BO4YgW8KwEH7gRLkQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b9f75bdb86d56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"77799daa36d79f46d4b281b47653ed1b","sha1":"55373be89e5b80041a0498a720e73db384b30236","sha256":"72587bba2c08d4d3224cfd5c5be4be51b84741142696938d00361e372d2c8813","sha512":"eae2e0e6d68a4b7e1542cd846aa3fb78cb007b0a62f860425bfb544b1c89c9d34eec213d2a344353a0dc30521f4d529edb983f7b4d2c1acfcd1e54cbf7fec813","ssdeep":"","tlshash":"43018393f30668269ea14ee7c33f9178e088c99715e864696a82843d1370ba8f52d267","first_seen":"2025-03-03T23:57:52.309985Z","last_seen":"2026-06-04T10:55:59.584628Z","times_seen":295,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-925a3b70.11d3217e.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.723Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-925a3b70.11d3217e.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-75\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"ed7f88f9b7f99042eda629536d2dc0a9","sha1":"c61d47c506e1148456c852656b484d574c28abcd","sha256":"a1a2ab3daa36c4ec3c95db0848653e6c47a8592b7b43c8e068f6c777661bb463","sha512":"9a504eb33cdcd8d78bc1d2f4ec0b29ff78c404a861aca377dd6af8a1217270a24244810072bb1131fa594c448e8601251ed9f9ba4aca5decfa5b5c00fe03e483","ssdeep":"","tlshash":"03b09244298c2812ae5fd0f8a02164c18112e3bacf060393df20e86c8d830b82481d15","first_seen":"2023-11-09T03:37:00Z","last_seen":"2026-06-07T01:38:16.182285Z","times_seen":770,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2d2293a9.dd3b602a.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.129Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2d2293a9.dd3b602a.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1b8e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7054,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6962), with no line terminators","md5":"bf61bb7d7011eb3caddf20678825b4ab","sha1":"8de941084181a6dda6a59d94b98357e10f97a8a9","sha256":"05c8ba7ba82bbed59a6597f915e1d4ceeeea47fb7c248defc482627f5bf1aa5b","sha512":"22b117ee3926ab738e3dcf0f39dcef2aeae09d5af2de294bc7744e6aaa53480e4b53c88c793bc82ecb9cc4300fdcced631b5af7d4a728a23fc4f1d896404e39f","ssdeep":"96:OFtCv/hGpNksPmEo+X+b+F+n+ejj5rryklgc:OH0GpNkse755","tlshash":"9ae13424f4cbd69aac7a400250293531e2293be6d52ae443f378cd9447faef8271d75e","first_seen":"2025-01-10T12:51:25.910986Z","last_seen":"2026-01-18T21:42:14.35122Z","times_seen":139,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-925a3b70.7513d513.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.944Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-925a3b70.7513d513.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-13a5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5029,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5029), with no line terminators","md5":"ae10f24df8163b26c0a8acec88ebfc61","sha1":"c0c320097f42858a0bea9dcf3856a9c368e93d9f","sha256":"16683f30f4b68a618f21dc64abd32a57b9cede65c70e5200e4091ed79815f796","sha512":"81647890e433c6bd8cb635528b745028179a737bd29dc4e8c43be9086e463b56bbc03077c76e099ba8f680f5d5a3339a11ec3aee77ab9ff32c0a8a10efbfb2a6","ssdeep":"96:ribAxCrPwsEiRiRJK+H19mHRMR4RMpBGhBfL3U2xK7q5bCS4M1nMb:riEs9QzYMmMihBj5xl5bCSFc","tlshash":"9aa1bac8a5e5acda076392a1503f31d5b212d11964337486fbb1cfef7d2d6d60902b2b","first_seen":"2024-05-11T19:59:42Z","last_seen":"2026-06-07T01:38:16.172014Z","times_seen":720,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-fb9a6e1c.8df8b8f8.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.523Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-fb9a6e1c.8df8b8f8.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-856f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34159,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33859), with no line terminators","md5":"a9bd527535fee691a498a0373250ab0a","sha1":"00bc8a595f9c08b797aa77a91a688bbd46270794","sha256":"d394668739edea44c2e10f41414e03dba4f912bcfb6e660e0ff5c3ae765f1d4e","sha512":"a379c34b21e74931c54016d85d17a214720c175d46de507d3ef1ccbed4de092f2f9abb33ee1d2ee345ff50a09ab4be60571cce01ad503f8297e5864c1a7bb76b","ssdeep":"384:GiI4p0WEVWA4T/oZXi+ZsVMog4T5kZXDvZXQnJ/1RNqzZmoke/:GiI8fEcVudQO17","tlshash":"11e28616b887e1afdc69a051802f1971d1367ed4a016f081f774cde0a6b9cb43b2dbad","first_seen":"2025-01-18T12:14:07.092793Z","last_seen":"2026-01-18T21:42:14.333885Z","times_seen":128,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"ws","addr":"og6y7c.top/api/websocket/server/476/ktomhx3a/websocket","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.776Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/websocket/server/476/ktomhx3a/websocket HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nSec-WebSocket-Version: 13\r\nOrigin: http://og6y7c.top\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: lBjQgUBjkOUgLm9lGthv+w==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nSec-WebSocket-Location: ws://og6y7c.top//websocket/server/476/ktomhx3a/websocket\r\nOrigin: http://og6y7c.top\r\nUpgrade: WebSocket\r\nSec-WebSocket-Accept: +67uc8yfa1b+A1HpEyCO/khrh/g=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T08:09:46.638045Z","times_seen":16208064,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":150,"dns":0,"connect":178,"send":0,"wait":181,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-5107cc17.5b51847e.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.460Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-5107cc17.5b51847e.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-38\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"dcc674340ff040ab654eb55b530556ba","sha1":"9739419af50aff8b829574227d87ba633f011ad7","sha256":"b0ed0a7f8a5d5b371f3a849dc5e0dec2ce1762960ae5dd482fca9bf894b3e243","sha512":"40f2e1da743656f13c392baef089af7ea650b28b3ad2f56f69345e7277a87553791f4ef565b0c011d85746848597cee5e9c5603d4816013db9952619b6559c90","ssdeep":"","tlshash":"809002ae1e1ca0ac8463a40601c01e5411186509529551c64d15acb424c92052c19580","first_seen":"2024-07-16T23:08:14Z","last_seen":"2026-01-18T21:42:14.262702Z","times_seen":215,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":127,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/f262bdffd9844bc5b131c2913f0ab119_.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/f262bdffd9844bc5b131c2913f0ab119_.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 143541\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:38:13 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZSlFfTPK7qYZmwmnGEOfslAr%2FPDAPJP%2FDCppID27SxuexcXbRzFm0lsqYjyKcyndtfWlU7puCRYJhWwRCASDRARy4TlzXgzozgb4n8MYLOOISfX%2FS7s%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bd386756b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":143541,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 716 x 348, 8-bit/color RGBA, non-interlaced","md5":"fdd5f58cbffd051b6552f2ce128d6004","sha1":"96a0079d11d941941b11ab8c7e0b5fc7301f475e","sha256":"c8c3e7b4863fd1315b3203e94b93220eb2d331e9b3f72b4118fd0bf823ae405e","sha512":"aa0b6d0d42b2812db3021298eb0f0a4b554b08ccba7eecb1ba8b6e092ca00d82d1c3ed39f4c6cf2e4b1a00d2209648d293ede1b4e8dd8e0ab695992ab9304220","ssdeep":"3072:uy82eiOcdHAMdUcyFbyB0uoK3syl12sBR05VXHhtmrI/wxZ6euKxoMs3HSG:POQAMV0WW1K3V12DoSw7xPor33","tlshash":"fee31395fc35999d976f0e392ae6686114a60500cfff074d84a8f2692bcfed4d938b0c","first_seen":"2025-12-18T19:47:47.604136Z","last_seen":"2026-01-18T21:42:14.280667Z","times_seen":87,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":10,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7r9ah-llbnqycik717f9","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7r9ah-llbnqycik717f9 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 578675\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"163870bf7fa86b006605d6bd6779bbb5\"\r\nx-mms-request-id: cfc4e1ea6fb940cf8501b3489e3d2eb6-691c353b\r\nx-ser: i2315799_c11272, i1940231_c22759\r\nx-cache: HIT from i1940231_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":578675,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"163870bf7fa86b006605d6bd6779bbb5","sha1":"cf03e6da2dbe82121fd23531d385d3b516749dd7","sha256":"7a7fe6ef4d40cbca0fd7c3f2e42c677f98be3e31984a9d337d2966c50bec177b","sha512":"822b8650f2eeed778500ebe080c2afdf59e8d27dca6a14a846e49fdc80fc88a9de2692aeb5bf3693e5ac58ef1f329800bcc14952d495aa1f0265fd42557adad2","ssdeep":"12288:DtYvL+deFTZauZ2ZM8cEZqdbErDgMoNwYqHltGUPTjaBO3oV:DtYvxZausMrEQdbT9OYKP8RV","tlshash":"9ec4f0173b9ab208b736bb9465d530e12357f6200f157e8c0d6d8e90ab1391dc69ef3a","first_seen":"2026-01-07T00:51:01.411686Z","last_seen":"2026-03-03T12:33:03.394717Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1489,"timings":{"blocked":648,"dns":124,"connect":24,"send":0,"wait":122,"receive":80,"ssl":481},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-9c1c641c.471bd454.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.131Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-9c1c641c.471bd454.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-39d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":925,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (925), with no line terminators","md5":"1630e44870c051f166fa952f722d4725","sha1":"bc968080544a2e59e8e026de0abe54359d28e39d","sha256":"6c95e0a7e350c2c80e72c4240857bec35219ccbc7ad3fc34d61290e62a7c20c0","sha512":"a45ad5fc2885dd1e50f162373b8dd381440eded0a0ec9907082e5c05f0ec84ebe51874bd3d3835a1b53995f552adcb05f9007d845adb0c1e3cc046d2237966b1","ssdeep":"","tlshash":"7811cb4d39a5b1133b2b64a4106f72889de7218639bf6c91d164c4909f7258f116bace","first_seen":"2024-07-16T23:08:15Z","last_seen":"2026-06-07T01:38:16.12941Z","times_seen":631,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/js-cookie/2.2.1/js.cookie.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 1299\r\ncf-ray: 9b9f75aaee625694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec5-f2b\"\r\nlast-modified: Mon, 04 May 2020 16:11:49 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1544512\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Fce6rkHE0GAWkgOHhBeNB9CJdZREhZNb3xRmsGx48RsGlwImPQylHKEa2%2B4ACHBYFehmu%2FBow014ShUx%2FYRk7eTkAHK1Gt4AmOxunj9WOcHc9DjennEzOQFz%2FC4EKE2qKD0CSx12\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3883,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"fa93e8894edb6245ab03883633b12b6e","sha1":"e3ba4c7d1a8876090756fd31715b4f6af6fd649e","sha256":"3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15","sha512":"263612833aa8f4ad08798184b25311604f1a3bdb6aecacb71103661159007ba0a9d7803094930b3276f47e980492bdd8c49f208508ab88ebd9c0875166278621","ssdeep":"","tlshash":"0c8124b0bb8d35ab0e0e21145b1f60cd927ce43a085949f6ec9df1321468c2e977ad6e","first_seen":"2023-03-07T12:01:36Z","last_seen":"2026-06-07T01:38:16.121757Z","times_seen":3331,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/a4d6e8cb2bfc4814a9ead1b1e4cecd74_.jpeg","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/a4d6e8cb2bfc4814a9ead1b1e4cecd74_.jpeg HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 55665\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:27:37 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=upNYE6WJEnjBIp%2Fjt0EtvtoDAJhMp01pybleWEoS2mi1EtQVt%2B8%2FbvFHY8yk50BhhsRpLrKKTjitCHFHm6AmitaHXe6e8e9wudP8SGx%2B56wwNQDpod4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bcb85956b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55665,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"2bd31655f9e65cb1d43a0c903ee6a243","sha1":"ecb30db3a1bd4c332f7f2a086f0a75bac42875e2","sha256":"6eda2102821ae838afdc1af8f9146f61d4be1aba1bffedbd12e655163668538e","sha512":"50a9e96a93d263352c153db683d10400a2a3355cba82941a40cb6d2a037744fbe8b3f3c5df644a838546d15cd5d9b8e9ba75c8076236fb2bac95d1562dd18d7c","ssdeep":"1536:TuagQB0+MGH0JO6nJxdvf4Wm2xwKbZ2qJQ+YTjE:qlQ5sO6nvltjZ2qJQ+","tlshash":"9343e00bfa48eb56c74156fbd6534dc0430b2636786b36e7b92268cbbd305722cc958d","first_seen":"2025-12-18T19:47:47.644179Z","last_seen":"2026-04-22T09:54:52.082227Z","times_seen":224,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-bedbebc6.48674e8a.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.760Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-bedbebc6.48674e8a.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-217\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":535,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (535), with no line terminators","md5":"7cb492e49c4bc238ac1ba446cc87dafa","sha1":"77d8a8a65d2941059b5f5b179d936f860cfd875d","sha256":"5f4460de1cd15a1a2479448f3237db59d780599a49e8ddd4f3953635cc67a1d6","sha512":"4809320276f42de5368a6bc73832e8fc95d22305707caee6a0e9cc7309a0ad64fecf8fe6ee347b05f30f9fb600233fc7c0581dc1767a1ffa576d36d03a7f1f16","ssdeep":"","tlshash":"98f0fc137a181235a537d9a578e31c443e04ba27523fd8f1d9479b31cd920b63111e8a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-01-18T21:42:14.325277Z","times_seen":391,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-bedbebc6.7ed82b0a.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.139Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-bedbebc6.7ed82b0a.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-39d96\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":236950,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30282)","md5":"a3ce4dca291588667e2a51997d335a67","sha1":"c50ca102bbee68c3d916494dfd7c7bc0a8ac5d43","sha256":"52b685798ee01f0b26ddeba59a95a3fe01069408bf884365845398846b24f7de","sha512":"6d013fa0038bd145e4deaab359ef521debdf58aeb1ae423549b76ee321228517c42f45a614154be51a6cb742ca8c5c6b0aaa50763a9a25fbf596ade12fad8954","ssdeep":"3072:IokxAxSqddJqG+J6LXtqQ4kCjIMcI7iYvoB6VsMQzBUXtqCxPWN:Cxg9jLXuQssEA","tlshash":"e43497b477a72cde0b7ef09b001b2d438d981b57107ec1a8f25aada22d74706deb1674","first_seen":"2024-05-11T19:59:42Z","last_seen":"2026-01-18T21:42:14.237215Z","times_seen":322,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":179,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-cefa4dd6.9b1e3f03.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:18.316Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-cefa4dd6.9b1e3f03.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-e4a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3658,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3630), with no line terminators","md5":"c7f69205f475f482c05d51dcb8484961","sha1":"6d530241b630019e437f2b8543a543f73ce148b7","sha256":"cb22d21841975cd5f299a45ec3da20a1a55ad797e17448752b0644ffcaa64f66","sha512":"d74c7ba27a37d586252e6e7bbae4dbaedbf86eef8e95949e2f2df4bda59803182b5d5b5acda0f2c926cbd7b6c446fc3d3c7405c78f63ef5bddda0a9547ff5e73","ssdeep":"","tlshash":"2071846d7587e15a8d63b062402f28b4c0b66d88710a74d6f734ca9565a84a02b3f7fc","first_seen":"2024-09-29T13:50:38Z","last_seen":"2026-06-07T01:38:16.208116Z","times_seen":588,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-14939100.86727a02.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.951Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-14939100.86727a02.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-b5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":181,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"d767b20d058befb6c98cae9d3540410e","sha1":"684d5509c3be8409e6a48c75f83c4cf6af2de9a8","sha256":"84c397df3adc89e32d1c2389561375aa1e4e6dfca8abf83904d6823b23ebabd9","sha512":"aa60f6192d2eefb81b7214b48341cf89275a42cac953e8579465ea9257b68b77c56abec8d16bc840d0b01ed530b65d21ffe5eba7a0a9ebc611c2302b544ced48","ssdeep":"","tlshash":"68c01200fd9d2c0c11abd7c691a0b9dca9283aa2c990928aa8acef21bd431907801a84","first_seen":"2025-01-10T12:51:25.856543Z","last_seen":"2026-06-07T01:38:16.117847Z","times_seen":590,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-26742610.878e04d2.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.413Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-26742610.878e04d2.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-cf56\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53078,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (52560), with no line terminators","md5":"ab5cadd39b8e2c9a97682bd6102fbfee","sha1":"bd9537b4dee413e52063a6440e5de6cfaf4b26db","sha256":"e61d3ce051b4bb715c2bdf39cd9c6f83d098efccd0d47ed365313107513fcf02","sha512":"1b390696384da91b9613877aae6ffde5ed6e75ac2373aa1f034052fc07642d89ae9519d650b29de82270f9687458d70811f41453334f5328d0fc5c79b556dbf7","ssdeep":"384:wGqLJiP6oxrZXHWZcQqcDk0GY9BtVoTZXHfZFrZxmRe83UEPZd0WIZo99xV0mY4Z:wGrRI+L2XrYTom4n51","tlshash":"6033961ab58be2afcc6aa052811e1930d1757fe9d025e081f734cd9496e9cb8373db6c","first_seen":"2025-01-10T12:51:25.901568Z","last_seen":"2026-01-18T21:42:14.157915Z","times_seen":128,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":181,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.14/theme-chalk/index.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.15.14/theme-chalk/index.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 28355\r\ncf-ray: 9b9f75aade555694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"64e78703-6ec3\"\r\nlast-modified: Thu, 24 Aug 2023 16:36:19 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 11031478\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=kX6TKPsWqfjOggrjXJAkjgTW%2F4SRchT0a7vDc63oQGv%2B4gwJy0vYy4iUfkYI6fD8cB5yqhLLtGFODRaSfJr%2FbmlbLjx%2FRxm1cVxfmrfk1F5ouZd5ouvQoDZQng9DFE3jtZyxA8Cu\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":240033,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"07ced7e527d781115b5a9f3f3f559884","sha1":"371b1a3e8d3453a2451e76320d9d7c0e301331b8","sha256":"dc86d4797565d05e88d63598128328e2ed6f02f7f6d950a36a1c4ca9eb9c8057","sha512":"a19dda2047af06da26cb446e5a9184fbb87ef5db209368305f4636d5bf28bd29442d05b556540359dc41198218092ce706bf1a7b765e18b3c481c2edd068e10e","ssdeep":"1536:c28Y7SrW3YeWXA1u9w4HCe/l4TEg5fqMEeje378OaiZkW1YO8eQM+yFffwbIcfGc:lvHjahfAG1U2VGDt","tlshash":"b234a7219b03216b612bde6cb6c0ba895f18c323d4725bbbfe95740dc7d34891267a4f","first_seen":"2023-08-28T11:31:40Z","last_seen":"2026-06-07T03:44:23.891997Z","times_seen":1439,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":12,"receive":2,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/lib/jquery-1.11.2.min.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.294Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /lib/jquery-1.11.2.min.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:12 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1787e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96382,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6355f3cc28006e33bad2e765cde30e0d","sha1":"909cd6318d5047f3c8e83528253b256981394414","sha256":"39eed2d24faf4985b922b64d078f106edba6b3b84d5385e483a5c7bd69201da7","sha512":"b22d3868a7b311f82bb149f8afccee03c68dcd5e7152a061b8e18d97aef794b106dd1cc081d49f4d638193924ffa5885239cf67152fc339ff0cf3cd1d194d175","ssdeep":"1536:0Hg1kz+hAmcGmVFnlkFybx+amELolY+30k1dml+BQZX6YPnrCtn8JkDnlwMxVW2:0HDdc2F3c2G7mIW2","tlshash":"13930add76c2b06387a720b9506f550bf276599e280c4440f268e8fabc7ca49a137f7d","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.127956Z","times_seen":1822,"resource_available":true,"data":null}},"time_used":709,"timings":{"blocked":346,"dns":0,"connect":0,"send":0,"wait":183,"receive":180,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-06ae24a4.fd43ee93.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:13.527Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-06ae24a4.fd43ee93.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:13 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-bb0e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47886,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (46623)","md5":"177ff7e3310c02d7e6a139a3237e0d38","sha1":"375c1fac3912c4b63c01d7bc241aa43ed0055460","sha256":"db079d71523907889a19e611a38e528a3405d89d22506634a177248f03f93226","sha512":"004642aa9fe53920ff46cbaf93784da99051143c22aa04e4e24ce332e2556b057d331a481f31ff427dc0b5ef0cac013c55e41764af8496f59366278918044741","ssdeep":"768:KEkZgRUp2R7p2ROwo1OAPkuD336ya5hrCen0eTg:KEkZYwo1OAPkuD336ya5hrCen0eTg","tlshash":"9223b89a48a1224591234e56cbcc9fa8473cc76364b25cef33967c4bc745bad23ce617","first_seen":"2024-07-02T22:35:06Z","last_seen":"2026-06-07T01:38:16.10846Z","times_seen":762,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/static/country/id.png","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.697Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/country/id.png HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: image/png\r\nContent-Length: 208\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nConnection: keep-alive\r\nETag: \"67a4aac2-d0\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":208,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 151 x 100, 4-bit colormap, non-interlaced","md5":"ec86910990aa46ace7ede9b7376c1019","sha1":"6f3fb36ece67a129f0c58a77c6f617cd04f23731","sha256":"cccf07d963c80baaa0dab594a4a8d58725716b95934338bc95ab5f71dbdadc7d","sha512":"39233eba11996662d6c977a51b8b3ac3d5f50bd82a661b3912f03675b501fb01ef3bbe162243ac1e6e5698bbb97b292e5e5563ca4396f29ad9eb64a95558a5ab","ssdeep":"","tlshash":"64d023d375103d3d118d01de4fa30083407041cb1c05d5a6b41750359df5201c199d45","first_seen":"2024-06-16T07:39:15Z","last_seen":"2026-06-07T01:38:16.101499Z","times_seen":566,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":68,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/2273fe47ac8a4be282de499bbbc876e2_.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/2273fe47ac8a4be282de499bbbc876e2_.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 122618\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:38:24 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mhNmTJPpqAYgtVu7UjWPc2nL%2FdpZhX0hOPkWDCV0K226W8ofN1D233W9lEvukAahYXxYfb1WfYrsieS805m0RH0a%2BLlwLg5YZncGllbfL2t3D6grnIs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bd386656b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":122618,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 639 x 360, 8-bit/color RGBA, non-interlaced","md5":"a528421afe530e4f6f7c457f7e9931ef","sha1":"02744da26142e2b116fe00512aa95e5eb172e479","sha256":"e1c9802f40b3f3dafb020e1f8a186a66d00bb50fe6577a79959aed30a306b0ed","sha512":"2d7d520b8f3ef8a99b246f7575946c0170d2abe64f9deeeb1e98769e01656ac12bd9fbfa5905d050aba447503eea7e31cfac9c47fca96104f7b02af09869378d","ssdeep":"3072:zYEcoXss1o1bQHGlEZLi06rQdq8U1RbJO/0trUb:0Ec0ZwQqKi0AvAcxY","tlshash":"fac302d860fce73c45951581dd272bc303803f9288a81badc405b499ceddbab99fb799","first_seen":"2025-12-18T19:47:47.531891Z","last_seen":"2026-01-18T21:42:14.132056Z","times_seen":87,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":10,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7qvd9-lgb05abhithc0c","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7qvd9-lgb05abhithc0c HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 109965\r\nserver: nginx\r\ncache-control: max-age=15552000\r\netag: \"96e247a46a072cf58655b184e3719af3\"\r\nx-mms-request-id: eb242cd50c6747269f9bf7342481abf4-68c50845\r\nhandle-by: down-src-global.img.susercontent.com\r\nx-spcdn-request-id: 68762864f1b2ed257fc8e960060f6e10\r\nx-ser: i2315825_c11460, i1935949_c22759\r\nx-cache: HIT from i1935949_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109965,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 451x451, components 3","md5":"96e247a46a072cf58655b184e3719af3","sha1":"96ca30c38b4b89c3e3050557a911c580ea998fa1","sha256":"b0993334cbe3a71df231879e9f5418d78bf8a10d09530ac01aeee4f19ded7d33","sha512":"3bedad2a7113c0332ef29410638ca7409e646b944f41a6fbe4d5dbd284585201f51440edb3ae15d9e9f7226bf1dd3c631979efacf4e9004ee74a18ee4bb5bd1e","ssdeep":"3072:wr2Li+bcw/u75yKvi7/JWxYG6+cgcL9vX0D4e:TLi+bjo5RqfG6+clvX0D4e","tlshash":"10b30269674bf7f8c804ccb9436cbca75d658901c4a6ad3847cb922de8ebc1d6e101de","first_seen":"2026-01-07T00:51:01.439077Z","last_seen":"2026-01-07T00:51:01.439077Z","times_seen":1,"resource_available":false,"data":null}},"time_used":737,"timings":{"blocked":597,"dns":0,"connect":0,"send":0,"wait":96,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vuex/3.1.1/vuex.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/vuex/3.1.1/vuex.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 2776\r\ncf-ray: 9b9f75aade575694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402f-2693\"\r\nlast-modified: Mon, 04 May 2020 16:17:51 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1553395\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=tO2kK8Ns2cLiJGnUL7vDP8iTvhJaIKmOktc60zpfwitPL%2FaNIYC%2B6kU4vwpugnRwMHw1xM41zqwkbuLYIToaOxMnXORXjj7qv3LqV7aUFNXZSSiJmXsJdqlFBYWq516MKg3C4l4x\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9875,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (9815)","md5":"c66594705de51675f08e3b83b9b9b38c","sha1":"40fa40f722043957a56324174ec6f80389391971","sha256":"e973901e74ff65888bbe2e58b95cfb957d5db316bb185a106f543d99176d1d65","sha512":"3cb0d6b77ac49d3c6c5c5740efa2fd9e3e0c79158c88a9d4f0b709f4713a38a7b72109a2b4c636377c783effc3c6457c718d8cdc2e9c7577db9691562e95375f","ssdeep":"192:90DuIfY7JtjC5ydUypH82+H8urFLR7BD4GOUo1MQl+B2GHPpB3QE7WA+MWnBP:9guIw7JtWqmhfldD4Eo64UgH3nx","tlshash":"4f1261ccf661b0764a377460623f120fe276a46d200a4468f598e4ef6cbe14d94abf3c","first_seen":"2023-03-07T12:05:56Z","last_seen":"2026-06-07T01:38:16.191432Z","times_seen":1411,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":1,"connect":6,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/vue-router/3.0.7/vue-router.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:12 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 7869\r\ncf-ray: 9b9f75aade595694-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402b-60f6\"\r\nlast-modified: Mon, 04 May 2020 16:17:47 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 3969080\r\nexpires: Mon, 28 Dec 2026 00:50:12 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=NYJVN5BzCacBz6O%2B6lZ2PTvttHpeIScupF9vgMGZTIcI%2FvDBqkUlDO%2B5JMsyF%2B5P6RQv0PnrlmHVhfWk8wCjPuUolfnZ1m8kaMI0MVnUNo0l0gQA2o7ZtsbUYbK2E4AQsgGgS0fI\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24822,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (24752)","md5":"32e2eb91e6ed0512057b2ad1e6d1b242","sha1":"27809df1b99a4b81b6b82ba2985cdd4b1c8bebb6","sha256":"e8707a396dd2f8d74eaaeb2f784074a24d7a71cbe15dcc70297f726b31c160d5","sha512":"0ab7b445b586dd27a0aeb72396350982783129c9ba028ba1db847c9d2acc0de9c90c3c9636e76a21553fedf81031220f3676ea64bf7336644c04da33d744563d","ssdeep":"384:UUcnX3xpR5tumD+EaKGZRpqB1UdEPQFWmexTMCJ:7E3jXtuW+qGZK1UCP5mqMk","tlshash":"01b2c7ddb581b03547e326a0412f250bf27b358db44e8498f269e4d52cba85ec42bf79","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.190705Z","times_seen":1171,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T00:50:11.818Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:12 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-3421\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13345,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (8499)","md5":"c6a97415ae5e550d1bd67d24ab2ab03f","sha1":"0387deee2f15bd25b53cf565772af660f93944ef","sha256":"f815db4784d6be231b038e2b7fa60754a9c867266fc1baa4705bc5f73c0eede2","sha512":"beb8cbf8b42461f9f9d782b26e059e8b23d96d5bca16a7b1e724ed34eecd9f8532bdfc37c95ab809f030c398968c29bc6db4db45c648bb960c30baf9c8f590c9","ssdeep":"192:vsNZeKIC+LFGSFGmQnqQngPlKoIFfKyMxgiAQntyztM4/Z0tf+ahaOa0acaiaBaV:vOZUFdaFSyUyQntyztM4/Z0tr","tlshash":"ae525d39da0155aea9d1dd9b9e39f729c4eb8c3b2070e440b66d8d4f8f78fd40226493","first_seen":"2025-03-03T23:57:52.259992Z","last_seen":"2026-01-18T21:42:14.194676Z","times_seen":138,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":178,"dns":1,"connect":177,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-07T00:50:12Z","timestamp":1767747012,"ip_dst":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"172.18.0.37","port":41132,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-07T00:50:12.173857+0000\",\"flow_id\":1112163221732688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.37\",\"src_port\":41132,\"dest_ip\":\"180.178.44.100\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"og6y7c.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1175},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1654,\"start\":\"2026-01-07T00:50:11.818512+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/lib/flexible.js?2222","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.288Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /lib/flexible.js?2222 HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:12 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-fe1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4065,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"1572c9446821f8b1dc1136b64b44e739","sha1":"6a786ef63db48581f50e85601ef4a3effe8bf095","sha256":"264ef2e4767a942ee634794619d94edbd7da642cb79277c16b974cac9795c246","sha512":"4283dbb16b94c7db39673fb92808835e7f2ccb34f64502d0524cd571fb28e91c82abddcbf1224d4b83c1fb30908c96a4d16b604b22ef0f491c2bdf2d00213598","ssdeep":"","tlshash":"5b81322806e322361e2330348fbf210539728067055ace447d5ee79e6fe4a654ef6bf5","first_seen":"2023-03-07T12:58:51Z","last_seen":"2026-06-07T01:38:16.121288Z","times_seen":857,"resource_available":true,"data":null}},"time_used":529,"timings":{"blocked":164,"dns":1,"connect":175,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pigeonteensindonesia.com/api/file/banner/202512/18/d087c5d49e6f4cc885b96d63e7b01cdb_.png","fqdn":"pigeonteensindonesia.com","domain":"pigeonteensindonesia.com","tld":"com"},"ip":{"addr":"104.21.25.124","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigeonteensindonesia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 15:25:10 GMT","end":"Tue, 17 Mar 2026 16:24:00 GMT"},"fingerprint":{"sha1":"FF:2E:B0:B9:31:98:15:AB:F6:26:02:B9:40:57:FF:F3:30:8D:4E:80","sha256":"3F:D3:58:24:98:81:02:74:9F:AE:D5:67:AC:7A:AA:8B:A5:6F:0C:10:59:2D:45:DC:2F:12:B1:6B:74:B3:6E:E2"}}},"request":{"raw":"GET /api/file/banner/202512/18/d087c5d49e6f4cc885b96d63e7b01cdb_.png HTTP/1.1\r\nHost: pigeonteensindonesia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 00:50:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 31941\r\npriority: u=4,i=?0\r\nvary: Origin, accept-encoding\r\nlast-modified: Thu, 18 Dec 2025 04:38:35 GMT\r\naccept-ranges: bytes\r\nage: 6622\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ol2td0uKcgTlJwRj1%2F8AN8xyupF6hjOuAfV6nEUx05MxOWowjelMuU4Tjsnu2Rw0AM0Nabx3zRAu1jjyOIEZT0J8Jlr%2BjBhpTN%2FpCfft1hisseuTuAk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9f75bd386856b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31941,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced","md5":"c2a5b292e0510681242e4f0bc2bd8270","sha1":"b1781c4ee0619029f6e4020c8b1384e720bfceea","sha256":"4bfe3eee48a9de1325cb731fd4a37ddffe3bca89cee7eb2dec97b3e3934eab9b","sha512":"1271094de5f2288e1b6078a799e1191b8d10d4dea153356b9eeb11bbbddb096b9390549f0f51b5d98e1462d3e508327fdcc9d0a4f5471980f84e6f8f987bd95c","ssdeep":"768:ye600dZmag9B3jvpbj4d5RTX3jXYuW0QcnO7Biu3f3bfM:ye6b7gjRbj4vR7jJW0pnO9J37M","tlshash":"1fe2f1270ca9a37fc4874df0352782a407dc89ef0617639c5ab63227225bfc53aa1d8d","first_seen":"2025-12-18T19:47:47.748319Z","last_seen":"2026-01-18T21:42:14.281294Z","times_seen":87,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"pigeonteensindonesia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-06","alert":"Phishing Block","trigger":"pigeonteensindonesia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/80c431f8d7170c035a2b85fc25d2b925","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/80c431f8d7170c035a2b85fc25d2b925 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 130913\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"80c431f8d7170c035a2b85fc25d2b925\"\r\nx-mms-request-id: 4c07e7133ff84623ab1f7b5c9528e2ee-694de605\r\nx-ser: i1935883_c11272, i1935869_c22759\r\nx-cache: HIT from i1935869_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":130913,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"80c431f8d7170c035a2b85fc25d2b925","sha1":"ddcd14d0cb242b5d6bb3c1da52693bd1f85ed79c","sha256":"90e6326f65ef631e304283cd4c2b4f82f3918ae6374077dc1a5d72e8f8259bee","sha512":"05a1e2765d610d3c5b268ba1fd24635e1351fd833e0218baf5a1fccc0d14d6a97929282ffd65c9d86186151dce372a04e76acc19b1037a7e3263c4ac0122d3e3","ssdeep":"3072:nRTYRQCnpOdnBflT7dsN0t3QqL4xghWJGgpYRnitEjzavLLjQ:nIn4dBNHdsN0t3Q89hX9otE83Q","tlshash":"95d3122391f6371b809e03983f167d259a00ce52def9ebdb00728de9ba5d3582e5944d","first_seen":"2026-01-07T00:51:01.449993Z","last_seen":"2026-03-31T01:49:48.768688Z","times_seen":2,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":580,"dns":0,"connect":0,"send":0,"wait":123,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2f854f93.e3c16ea2.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.131Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2f854f93.e3c16ea2.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-8e6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2278,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2278), with no line terminators","md5":"c0ad238b572499e5ba56003129da1022","sha1":"984c2488512612e849ee4cd03cbee962945cf647","sha256":"3d261d791532f1087f89ab56c7dd54ca963523f3f9bf9f4a446a4bccc98a8a82","sha512":"22b956e51b823ed9a9102f87337a12b1150b34f7a7b89826165adf3a127c1162b1b77b69cbc0d68283ede26a7550c29663c760f31f91c05410972d4ef48e515c","ssdeep":"","tlshash":"aa4135087097f8f404a7a1e0002f3757e11939e45531a595ffe0c6e4aab0aeb9369f1f","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-06-07T01:38:16.12652Z","times_seen":654,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-5107cc17.d0c006d9.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.324Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-5107cc17.d0c006d9.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-3d69\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15721,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (15531), with no line terminators","md5":"23258b00ca0713cde885620ad0b3bfcd","sha1":"11a82cf7066f066a202af4b07e891dbb33a0a9f5","sha256":"1ec0a40b75de8d9a32534ea9b2e30ae2fcf1c7da3b2b2302e6be240ce81e17fe","sha512":"61b37cd9365d5d0853df6190fa71ddc5b109b164f4609d5a093c25ab494c4d0d6133c9e11cab927e4dedf92b24c2093c2439018bf94ed153a3ae7c2a1a00833e","ssdeep":"192:zjkqzUxdLKal7Fw8+2QKaQG6QFqb6vDy+j2B6XQUQInvdoy/:z0d3+UQ0aY6XQ215/","tlshash":"2b629618b5c7e6ab9cae9021442f3535e1313ed9a026e146ff34cec46968c75272df3a","first_seen":"2024-09-10T16:42:51Z","last_seen":"2026-01-18T21:42:14.169407Z","times_seen":205,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/app.643795bd.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:12.290Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/app.643795bd.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:12 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-1e328\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":123688,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"535e48eebf36033871fb16fd42f6cdd3","sha1":"5e71b1bb075d214016bd2e11f1299ebf3b329a28","sha256":"5fa89a543627da78486e1f6be0a974f8af124da1eb042e721422fb99992671e7","sha512":"cae7a5a307d90000e2dfe51d5f394458b21a03e446881fb4ba5bed1cbf71fd39ee3a6bc6eb0046cd3dd8fdde4bfdacc704c0659e21d337e1b356fb03dd6d5348","ssdeep":"768:XId3U6o3V+4+6agSMJvSL7IfS0GG7HUn9IZkNxziizZyuc48gQ6pVU8eS2A6kiqO:XIK6o3uIfS0D7UnSinziuIW0xmBH7Cz","tlshash":"8fc37797bad9250cd9978a91c59a3efcfdbb191183829cd3e4537bba9f453cb221001c","first_seen":"2025-03-03T23:57:52.218716Z","last_seen":"2026-01-18T21:42:14.195563Z","times_seen":129,"resource_available":false,"data":null}},"time_used":704,"timings":{"blocked":159,"dns":1,"connect":179,"send":0,"wait":185,"receive":180,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/static/theme3/index3/1-1.jpg","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:14.706Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/theme3/index3/1-1.jpg HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/m/index\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 54665\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nConnection: keep-alive\r\nETag: \"67a4aac2-d589\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54665,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 537x762, components 3","md5":"01939cdef146de3d565c9dd341c6d24d","sha1":"266e193a8a20bb95764a6ceb5c7a1541077fad7b","sha256":"34b274f0ed2c8f92bb2516be3a0c5fc9015ac98f49335fd39402bdb993f9c8b2","sha512":"d427e99988432822c4f3ce2ca9678be0d61073651f500dfad0f1a8fa6d06d5607804b3870481c2301170a2dcb7ebf75290a57173bc6b5dfe78da17a04f1b925e","ssdeep":"768:FaOfYnImDuP9sml1hS9V8fRRpOGabsUmTy9YhOammPC1Dvls3mv13ZuhgaGD/PGb:FLgn5uP9s1V8ffAGdm9Yh2O3EACaa/Ji","tlshash":"4633e1e5f69cde5082842d8e1cb6ea5b84d96da6fcb0f40b332c1cf2b7e05d46592853","first_seen":"2025-03-03T23:57:52.294488Z","last_seen":"2026-01-23T14:09:19.497416Z","times_seen":150,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":60,"dns":0,"connect":0,"send":0,"wait":176,"receive":181,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7rbk0-lksv9urvqtn9d5","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"156.225.108.39","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7rbk0-lksv9urvqtn9d5 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 00:50:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 59374\r\nserver: nginx\r\ncache-control: max-age=15552000\r\netag: \"5130ee96eaa8caade134c75351fbc6d4\"\r\nx-mms-request-id: 1353db0dc65341a698be67c34ca53c69-68c1ba18\r\nhandle-by: down-src-global.img.susercontent.com\r\nx-spcdn-request-id: dee266ab3557fc92df7c464162b2fd74\r\nx-ser: i1911851_c11460, i1935869_c22759\r\nx-cache: HIT from i1935869_c22759(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59374,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1024x1024, components 3","md5":"5130ee96eaa8caade134c75351fbc6d4","sha1":"50faa83c53e9921639169a401f3d4806904eddd3","sha256":"0532a5cb3f7be082e52594b6f3d7a8ab2407843112adc809f745cb0e0953e88b","sha512":"5a156f8708c0dd8f1d6c7c04b1d47a23d83288f3dc36b731271ce83679b0ee7f1cd88609387aafbaff48f781b53be63c25fa570a86a7909c945ff26b8ca843ba","ssdeep":"768:TTjgqz8qB6xUsJ0FzOlZ+sXSmtxWKVi14wh/4sNMN46wZkjgKtH5h+fc4sSpMz:Twqv6x5ASamtxWKVTe4sxGECH5UU4s2q","tlshash":"8f438a438911cf87e025c3e9bf4b4e998b476b48f59674ea14620eaf7f680211dce46c","first_seen":"2026-01-06T05:09:27.413426Z","last_seen":"2026-01-08T05:18:52.809557Z","times_seen":3,"resource_available":false,"data":null}},"time_used":760,"timings":{"blocked":584,"dns":0,"connect":0,"send":0,"wait":125,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-6698de45.417e0788.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.526Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-6698de45.417e0788.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-271\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":625,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (625), with no line terminators","md5":"64a929a7d54bbd849dd6eabdbda4d9c8","sha1":"14052f0e049a7fb4123bb08f26f7cd9fafc12495","sha256":"1728e8eac8bcb6f1d4dccde1cabe92163f790ac8cc0029dda71c9186392dc32d","sha512":"02413b50ff0d0fa0cdd6a6a7de0919fa13b1c4ac560a6996d73aa5c5eb899f0ac3b12240070e4e89c8d84d890017d71c6d55ffd9ec504f223d91205d4e0b3b59","ssdeep":"","tlshash":"eef07d67f0840f08d836d2412bc41ee6906a7522721187f8cec35d14af8f297349a5c6","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-06-07T01:38:16.228004Z","times_seen":630,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-6e4f04a4.5a255384.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.528Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-6e4f04a4.5a255384.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-75\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"61e2bba3a72b590e1223e0428d00de84","sha1":"36ee41d679d6e52cb18d786a076641e54ec932ca","sha256":"d2e81b03a1686104de770d618c2b38bdf2a667382dd24ddf24913420bfa5fe54","sha512":"d8018d3e835a37a4250e876505266890f25938e1de02cf403a63d46f4d38a89eeb4756dddc1337be4c89bbf63db1aa381bf806b0e390aa0c890247050e319b3d","ssdeep":"","tlshash":"54b0924829cd0092ac9fd0e0a02044c18212a322ca120312ab20947c8d930f82169a16","first_seen":"2023-11-09T03:37:00Z","last_seen":"2026-06-07T01:38:16.234056Z","times_seen":770,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-75292e3e.702a8b86.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.552Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-75292e3e.702a8b86.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-78d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1933,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1933), with no line terminators","md5":"1cad8313ce8f33330685a969429cdca2","sha1":"1ea22dc3dc29789c9f94dcebc85425b5d90a4d03","sha256":"296bf0db8829d0c816826333b799ac3675121ecc33f3fbcd3c96023e159fe153","sha512":"348a870e1b1e2162136410f5fea24118870d3352e97b774c7cba2ba1a431db4bfc81bfeebbb33913bc4e2968d38c0a73d58a909175e90a4b1c508d6c62546875","ssdeep":"","tlshash":"bc418e32a92d310cf03fe259aa953ad80438f205f5231c6c6117ae6d0fcb2f7a2dc985","first_seen":"2024-09-10T16:42:49Z","last_seen":"2026-06-07T01:38:16.137031Z","times_seen":657,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-3ba48570.2abc21d0.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.323Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-3ba48570.2abc21d0.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-13e7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5095,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4977), with no line terminators","md5":"aae37e163f751665260e8a9f0113796c","sha1":"2624ce3c3c29d4d74acfe9b87e0afc83376dbfd5","sha256":"208f6ba3163d5be49e343ffb77a56a901833583bd02780bed4e2a979ab4bd2f3","sha512":"e14612944a04452e4430f9f5578f692a8eacd8b4e74c24e32323e6bae88e0b924f8b5a7d6aba012c3600761176ba98c731c1f904a62f0b9de4634d496b8658aa","ssdeep":"96:PDVyrHPme0qnGryBBPLzstDpa+BptKXnvrb72P4H:PDCekmyBB/kptIzboO","tlshash":"6cb1626ca05beb9fd85e4151402f6231f0313edda436f1c1f760cf9896989225b1eea9","first_seen":"2023-10-18T00:16:17Z","last_seen":"2026-06-07T01:38:16.132986Z","times_seen":750,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-51bf3da6.e0d9c3b4.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:17.326Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-51bf3da6.e0d9c3b4.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-53c5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21445,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14913), with NEL line terminators","md5":"bbcd3645309e3e0b20c438bbdd7247dc","sha1":"9a503aef213f25f1bd4835099947331fa75d30bd","sha256":"b00e6fc7e691110f7834644561b39868346dcb73aa5b1ba1ffd539aa8c5d7b24","sha512":"a6db8531c46b35577e4e6352ffbfbef911736bc01d322f4bac3617bd9b822eb49df92e4cedf45768ef26fc25f2ade484de415cb38a59155836a1253be1d87e59","ssdeep":"384:fwh+Of8lVY9fYAwx521Zd79r5qMasG7O8nZk6Nz/f0UA1idg8LeHT1q8pK5t5EYG:cvj050v9","tlshash":"a5a2b7cdb6c672071ca330b231ea35c82172b56c3b14d5a193ac549896fcaec9f76f58","first_seen":"2025-09-24T05:41:29.171457Z","last_seen":"2026-01-18T21:42:14.244016Z","times_seen":113,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/css/chunk-74d1c393.2928084f.css","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:15.529Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/chunk-74d1c393.2928084f.css HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-512\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1298,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1298), with no line terminators","md5":"1fe245f2830b10534ae77924560ec401","sha1":"1feacb8014a296352318b1697944b097d55ba92b","sha256":"a7bf0d2d8a328645eb9822334530a707baf64fac7625855b717fedbfb321525c","sha512":"05dbf5c934a71f4e9a909e8eebec316766529767ec7169ad5c868d6e40e8b3274a01e0de21e59f3efc696ef912870726f9952129a3cbb4dfbe5cba1a460bcf1c","ssdeep":"","tlshash":"ad21f6a1bcba1f671bf9c64d8045bff5461ab145ca285b39e05433ec06128ea13e2312","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.161826Z","times_seen":833,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":16,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-079fc55c.5c3e572a.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.323Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-079fc55c.5c3e572a.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-14ce\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5326,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5214), with no line terminators","md5":"485d627c42962ee0200dac66adf41dd4","sha1":"ca8e716c2fce7870f27ce6b489a333033a9254c4","sha256":"4a2b5528bff5b712a661c2f48dea798bb01eb6b7483c95050a4393eef0f39c81","sha512":"672c83e0b25c6b7a35a019664750aa61dff0f7d6f03ff6ebee9c0cc6a45b2b4c97a4715711d41428933f72350a7cf33c878869c803d2debe78314c4a05266009","ssdeep":"96:D42+m67Kxh98ITfv3gppLSqHYhFhRGPgeHmv7t2Vl63Al7:BNhP1hRqgkmzEP","tlshash":"87b1a74cb1e3f5a601a66562102f235af2b13e987416e011bbb0d6c07e2487a635fb7f","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.182955Z","times_seen":811,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"og6y7c.top/js/chunk-2232cdce.9a2241c0.js","fqdn":"og6y7c.top","domain":"og6y7c.top","tld":"top"},"ip":{"addr":"180.178.44.100","port":80,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://og6y7c.top/","date":"2026-01-07T00:50:16.730Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/chunk-2232cdce.9a2241c0.js HTTP/1.1\r\nHost: og6y7c.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://og6y7c.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 07 Jan 2026 00:50:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 06 Feb 2025 12:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67a4aac2-4597\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17815,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17619), with no line terminators","md5":"00143820da7385f7be28bf1e4a8a972a","sha1":"b0b4706b8b2ff718a957d187d14ca552cf307c49","sha256":"342eb92bdd7693ec213999e94ad0878ef1fe26916499569a6e2b4e70386f8856","sha512":"698975a093b7f710a41e0a1eaa4f0621a902d66eb832ce90f3e80367751842d2a24caf3e171c42c0baa740d98e61b078640238bc609f7d8055179473d87bcffc","ssdeep":"192:cN3zkwOxCcgpCU91Rmym6bJ14QYsdUcc6c7+Pj6zjRn+sDZ+wFLiaU:cNeCcgpe6bJ1nlb65ewxiaU","tlshash":"ff828818b5c7e6ab9caa9021443e3525e1323ed9a026e186ff34cdc46968d74371df3d","first_seen":"2025-01-10T12:51:25.900233Z","last_seen":"2026-06-07T01:38:16.20299Z","times_seen":534,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"og6y7c.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"og6y7c.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}