{"report_id":"9448ba96-200e-417c-95f9-1c0e1a195b09","version":6,"status":"done","tags":[],"date":"2026-03-28T02:47:59Z","url":{"schema":"http","addr":"online.ec.cc/ww","fqdn":"online.ec.cc","domain":"online.ec.cc","tld":"ec.cc"},"ip":{"addr":"137.220.156.229","port":0,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"final":{"url":{"schema":"https","addr":"online.ec.cc/ww/","fqdn":"online.ec.cc","domain":"online.ec.cc","tld":"ec.cc"},"title":"TikTok Shop Seller Center | Select Portal","dom":{"size":100313,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4782)","md5":"c3a46923b07e863c5f446c57c7ec8a43","sha1":"708c89bccf1e597635fff1e0969946473a426129","sha256":"d36520babc2e092297147f02b63fcc46481989adb9aa52483345198fc05ee89f","sha512":"306058b346636ca7c08de92feb37ad396369a7ffa131fb09c474aa2dafbb6316d45519e62ba5a83d8e6e9bbddd4f26062819a158681957f8a08be5998dc488d6","ssdeep":"1536:j3wr6i8kPHHHEtBMBcys15P/zEPEH9HYNiCsNX:GG20X","tlshash":"58a3e827216c122a928d1d667a537d0faf02f0278a5293d8f5dc5eddcfd9a830c8a74d","dom_hash":"domhash60c9e3b7ab34aca8ca4eeca161cacc16","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"online.ec.cc/ww","fqdn":"online.ec.cc","domain":"online.ec.cc","tld":"ec.cc"},"ip":{"addr":"137.220.156.229","port":0,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-02T02:47:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"online.ec.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-03-22T23:03:50.420873Z","alert_count":0,"request_count":1,"received_data":285904,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"lf16-scmcdn.oecstatic.com","ip":{"addr":"23.36.77.48","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2022-02-21","domain_rank":429900,"first_seen":"2022-06-04T18:35:09Z","last_seen":"2026-03-26T10:59:50.93949Z","alert_count":0,"request_count":1,"received_data":12870,"sent_data":492,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sf16-website-login.neutral.ttwstatic.com","ip":{"addr":"2.22.55.67","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2021-11-05","domain_rank":29420,"first_seen":"2022-12-12T15:40:21Z","last_seen":"2026-03-28T01:15:02.88748Z","alert_count":0,"request_count":2,"received_data":116329,"sent_data":1181,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"online.ec.cc","ip":{"addr":"137.220.156.229","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"domain_registered":"1997-10-13","domain_rank":0,"first_seen":"2026-01-16T14:00:15.39717Z","last_seen":"2026-03-28T01:15:02.264504Z","alert_count":15,"request_count":5,"received_data":1047848,"sent_data":2276,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"online.ec.cc/ww/","fqdn":"online.ec.cc","domain":"online.ec.cc","tld":"ec.cc"},"ip":{"addr":"137.220.156.229","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":true,"md5":"9caac74dff7bf0f2103fb0f8dbdd1f53","sha1":"1aa760d0e79b20cf7e5ab8eb26446358344b4b15","sha256":"0f3f9d56092455d50cc99c8c87c67a52c4081ab3c447187e3999e3c1b73f1896","sha512":"5f20122e30c2a4347f7930199a705ece96ed84ebf0a645857432398ce4f6a4f9568ef75e5d05a874de139af20acb36405d34a5030925f45470e1a439c2d29387","ssdeep":"","tlshash":"1021c24ab5f6102115bb303f1fcb081039a3564734098d11fe8e4fa84ff16a886eeb85","size":1352,"data":"","first_seen":"2026-01-08T15:20:20.636716Z","last_seen":"2026-03-28T10:22:15.138133Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"12e87d2f3a4c8b347ab13a0764d420a3","sha1":"4be715e11048c057fdf2ee0fbbfad4dbf3504c55","sha256":"78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe","sha512":"fa4d699e582de05d47f0beeddf3f79a37fca3bea3bf083447174db9e8250fc5d95a835615a86a256697f3841eff47b1583151a556f886e264f50941f17f63167","ssdeep":"6144:gwsmYhct1SS+TC1lmhTzeKRYcYmD2zK8USJsdZQ/coLGVFyy/RgL/uiOgeNTIPfz:FuYcYmD4/cZQ/coLGVFyCJTiPf7AqqAV","tlshash":"e954a3d8f78d112e423231aaad2e12cdbb7dd171561454aefd4d497c24a083c83baf7a","size":285314,"data":"","first_seen":"2023-09-15T16:51:13Z","last_seen":"2026-06-08T10:41:23.320975Z","times_seen":17368,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"online.ec.cc/static/inject-rewrite.js","fqdn":"online.ec.cc","domain":"online.ec.cc","tld":"ec.cc"},"ip":{"addr":"137.220.156.229","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"403ea051920902ded7147c1bbef4502f","sha1":"21b402cb7b201bc147216fc4eba1d38b8d754f4a","sha256":"3d1c71599369418f072f6c400e01e2203d569de028d8d968c22f5464ef72febc","sha512":"095d09d1bb749ebe878a7cface4ef78b2d3c588adf17eaec308e369c0da026fad85dbb57b9b5120e9ecaae014b55516131ffe3a8e99c17d633ddaba45178398f","ssdeep":"192:ZjzuYqPag9CqE6Cqsg79yUpwCqAwCq7rlOyCqUJyCqy8HSDyV6yLSCWCqIq5uzas:NuhxD7NQlO/JOVau3","tlshash":"ccd1efee35a2227299d3307d4fbfb2403436914f688de9a2bd5c56404fe4e440f9abd9","size":6429,"data":"","first_seen":"2026-03-28T01:15:07.443072Z","last_seen":"2026-03-28T10:22:15.128611Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://online.ec.cc/ww/","date":"2026-03-28T02:47:39.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.7.1.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://online.ec.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://online.ec.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-45a82\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 28 Mar 2026 02:47:39 GMT\r\nage: 819402\r\nx-served-by: cache-lga21929-LGA, cache-hel1410033-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 14, 14580\r\nx-timer: S1774666059.489875,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 83619\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":285314,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"12e87d2f3a4c8b347ab13a0764d420a3","sha1":"4be715e11048c057fdf2ee0fbbfad4dbf3504c55","sha256":"78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe","sha512":"fa4d699e582de05d47f0beeddf3f79a37fca3bea3bf083447174db9e8250fc5d95a835615a86a256697f3841eff47b1583151a556f886e264f50941f17f63167","ssdeep":"6144:gwsmYhct1SS+TC1lmhTzeKRYcYmD2zK8USJsdZQ/coLGVFyy/RgL/uiOgeNTIPfz:FuYcYmD4/cZQ/coLGVFyCJTiPf7AqqAV","tlshash":"e954a3d8f78d112e423231aaad2e12cdbb7dd171561454aefd4d497c24a083c83baf7a","first_seen":"2023-09-15T16:51:13Z","last_seen":"2026-06-08T10:41:23.320975Z","times_seen":17368,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":61,"dns":21,"connect":13,"send":0,"wait":13,"receive":22,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lf16-scmcdn.oecstatic.com/obj/goofy-sg/i18n/ecom/global/static/media/logo.700a5055.svg","fqdn":"lf16-scmcdn.oecstatic.com","domain":"oecstatic.com","tld":"com"},"ip":{"addr":"23.36.77.48","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://online.ec.cc/ww/","date":"2026-03-28T02:47:40.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.oecstatic.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 06 Feb 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"57:31:75:5A:8A:72:7B:7D:5D:59:64:6B:AE:BB:4B:61:9A:9A:5F:DE","sha256":"8B:33:5F:29:29:60:7E:2D:72:6E:D1:AC:A7:40:22:76:C4:95:EB:00:86:04:D2:51:A5:72:D8:78:81:83:00:EB"}}},"request":{"raw":"GET /obj/goofy-sg/i18n/ecom/global/static/media/logo.700a5055.svg HTTP/1.1\r\nHost: lf16-scmcdn.oecstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://online.ec.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\naccept-ranges: bytes\r\ncontent-md5: MJI1GFPjHOOErtPTjMSh4g==\r\netag: \"3092351853e31ce384aed3d38cc4a1e2\"\r\nlast-modified: Wed, 26 Jun 2024 03:29:26 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: 976bedbd96a78d4d69bd96a7-fdbdgdc55g2g1c16gg41\r\nx-tos-response-time: Fri, 20 Mar 2026 18:49:11 GMT\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 011181f4b26014cb562a99de01bf0b520119308912c41cf3f838a264d3845cffb4aa83c513cb01501c00537d2313a8d47163a67b3323ea4f8b51f56029ece74c4f39cf2a68f543a1526d0bb0c421136e8e8a9ee48c779f812434570f01143e8c85bfc2dc23d6fe930163e20222010c0de7\r\nx-tt-trace-id: 00-260326082557BE2E7C59FAA891FDF85F-13ABCE526E8205F3-00\r\nserver: TLB\r\nx-tt-logid: 20260326082557BE2E7C59FAA891FDF85F\r\nx-expires-ms: 1774484758416\r\nx-akamai-request-id: fc98156.30dbe1f9.245d4776\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncache-control: max-age=30902490\r\ndate: Sat, 28 Mar 2026 02:47:41 GMT\r\ncontent-length: 4422\r\nx-cache: TCP_MISS from a23-36-77-44.deploy.akamaitechnologies.com (AkamaiGHost/22.4.4-cf5672731e69c345796af56199edfb50) (-)\r\nx-cache-remote: TCP_MISS from a92-123-134-90.deploy.akamaitechnologies.com (AkamaiGHost/22.4.4-cf5672731e69c345796af56199edfb50) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1050, origin; dur=0, inner; dur=2\r\nx-parent-response-time: 1004,92.123.134.90, 1041,23.36.77.44\r\ntiming-allow-origin: *\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11209,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3092351853e31ce384aed3d38cc4a1e2","sha1":"661e3eccf08442d53179cee5e949fb2951d0eab4","sha256":"fc73e77a5f906d5c69e03a9b1fed22dd8b4cf054a96f86d04952d8f5c42775e6","sha512":"3303d6bf49dcab6c41045dad7fd027dbe53e3f21f3148efdc041252dd5e7f8ec3daf37dbca356c543a554ca1fdcf0294eaec68ef725689da622893cda4b8c7d4","ssdeep":"192:kBfyNsanaYWqgJ77sSvdbVo67COscA+EOBmISFrno8EzxLa2IKcLX13:+f5Xp77sqbVol4A+EOBmxrnayKcLF3","tlshash":"963294dea3b5f1e4f508e3e45212a574762721fe7a53cb5487a9dfb0ba8048d8888cc1","first_seen":"2023-11-16T18:11:58Z","last_seen":"2026-03-28T10:22:15.135123Z","times_seen":21,"resource_available":false,"data":null}},"time_used":1311,"timings":{"blocked":128,"dns":100,"connect":1,"send":0,"wait":1052,"receive":3,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_fonts/TikTokFont-Regular.woff2?_default_font=1\u0026v=2","fqdn":"sf16-website-login.neutral.ttwstatic.com","domain":"ttwstatic.com","tld":"com"},"ip":{"addr":"2.22.55.67","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://online.ec.cc/ww/","date":"2026-03-28T02:47:40.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.neutral.ttwstatic.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 03 Jun 2025 00:00:00 GMT","end":"Tue, 02 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"ED:11:7F:24:3B:CD:77:16:01:62:5C:08:30:F8:AB:0A:BC:FF:30:3F","sha256":"86:1C:4E:B1:35:00:74:54:4A:EB:0D:68:73:A2:05:97:B7:1B:38:76:ED:73:E0:8C:16:BB:80:D1:CA:03:EB:4B"}}},"request":{"raw":"GET /obj/tiktok_web_login_static/tiktok_fonts/TikTokFont-Regular.woff2?_default_font=1\u0026v=2 HTTP/1.1\r\nHost: sf16-website-login.neutral.ttwstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://online.ec.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://online.ec.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-length: 56492\r\ncontent-md5: /fJgDZBaD6oGDWkeAhLhpw==\r\nlast-modified: Wed, 11 Feb 2026 09:24:13 GMT\r\netag: 7dc6755d-cdc5-4439-8aa2-b2e814661aa1\r\nversion-id: 52f36f22-bc5a-4f89-9e34-55a73f9cd76d\r\nstorage-tier: Standard\r\ncontent-type: font/woff2\r\nopc-request-id: iad-1:97ojO77vVr3wiXoO1m64c9wTBYRMeqadXqq1glYBFKjlXZR2vT7-rDApOL81o-qi\r\nx-api-id: native\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options\r\ncache-control: max-age=2592000\r\nexpires: Mon, 27 Apr 2026 02:47:40 GMT\r\ndate: Sat, 28 Mar 2026 02:47:40 GMT\r\nx-cache: TCP_MEM_HIT from a2-22-55-63.deploy.akamaitechnologies.com (AkamaiGHost/22.4.4-cf5672731e69c345796af56199edfb50) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=0\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 10ce4b64\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56492,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 56492, version 1.0","md5":"fdf2600d905a0faa060d691e0212e1a7","sha1":"62550f0993a219e265ff9a0795a4d9f49b28748f","sha256":"52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972","sha512":"7118d2ea3aafe3d77709842da20acbe3faaf4c6c92a50ab05ecd4986916bbb92fe297a1b00357572683b02c61762cdf31dc425f03221dd169803252db5f04f7f","ssdeep":"1536:HYDhrXLgUVTf98fcANMQnJULOK+z2N2Vr8KO:HYDhrbZTF8ffZaOzM2Vr8z","tlshash":"804301fe4895feb9b094c7938d7131e02a664022453cbb71774b13b76368e7682892dc","first_seen":"2023-06-27T16:48:29Z","last_seen":"2026-06-08T10:43:53.546116Z","times_seen":5620,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":82,"dns":64,"connect":1,"send":0,"wait":3,"receive":2,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"online.ec.cc/ww","fqdn":"online.ec.cc","domain":"online.ec.cc","tld":"ec.cc"},"ip":{"addr":"137.220.156.229","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-28T02:47:37.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online.ec.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 09:21:08 GMT","end":"Tue, 12 May 2026 09:21:07 GMT"},"fingerprint":{"sha1":"61:B3:7A:79:D5:92:4C:42:36:B7:62:84:CC:DF:87:E7:32:0C:AA:19","sha256":"57:95:65:8C:1F:65:C4:AB:72:8A:64:B7:CE:4E:14:6E:B6:F0:DD:FF:D7:4F:76:34:DC:B1:2E:8E:7F:57:50:0D"}}},"request":{"raw":"GET /ww HTTP/1.1\r\nHost: online.ec.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sat, 28 Mar 2026 02:47:38 GMT\r\nlocation: /ww/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102960,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T11:34:21.534624Z","times_seen":16238222,"resource_available":true,"data":null}},"time_used":1978,"timings":{"blocked":858,"dns":339,"connect":250,"send":0,"wait":262,"receive":0,"ssl":267},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"online.ec.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online.ec.cc/static/inject-rewrite.js","fqdn":"online.ec.cc","domain":"online.ec.cc","tld":"ec.cc"},"ip":{"addr":"137.220.156.229","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://online.ec.cc/ww/","date":"2026-03-28T02:47:39.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online.ec.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 09:21:08 GMT","end":"Tue, 12 May 2026 09:21:07 GMT"},"fingerprint":{"sha1":"61:B3:7A:79:D5:92:4C:42:36:B7:62:84:CC:DF:87:E7:32:0C:AA:19","sha256":"57:95:65:8C:1F:65:C4:AB:72:8A:64:B7:CE:4E:14:6E:B6:F0:DD:FF:D7:4F:76:34:DC:B1:2E:8E:7F:57:50:0D"}}},"request":{"raw":"GET /static/inject-rewrite.js HTTP/1.1\r\nHost: online.ec.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://online.ec.cc/ww/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 28 Mar 2026 02:47:39 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 13 Mar 2026 08:47:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b3cf16-191d\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6429,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"403ea051920902ded7147c1bbef4502f","sha1":"21b402cb7b201bc147216fc4eba1d38b8d754f4a","sha256":"3d1c71599369418f072f6c400e01e2203d569de028d8d968c22f5464ef72febc","sha512":"095d09d1bb749ebe878a7cface4ef78b2d3c588adf17eaec308e369c0da026fad85dbb57b9b5120e9ecaae014b55516131ffe3a8e99c17d633ddaba45178398f","ssdeep":"192:ZjzuYqPag9CqE6Cqsg79yUpwCqAwCq7rlOyCqUJyCqy8HSDyV6yLSCWCqIq5uzas:NuhxD7NQlO/JOVau3","tlshash":"ccd1efee35a2227299d3307d4fbfb2403436914f688de9a2bd5c56404fe4e440f9abd9","first_seen":"2026-03-28T01:15:07.443072Z","last_seen":"2026-03-28T10:22:15.128611Z","times_seen":3,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"online.ec.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_fonts/TikTokFont-Semibold.woff2?_default_font=1\u0026v=2","fqdn":"sf16-website-login.neutral.ttwstatic.com","domain":"ttwstatic.com","tld":"com"},"ip":{"addr":"2.22.55.67","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://online.ec.cc/ww/","date":"2026-03-28T02:47:40.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.neutral.ttwstatic.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 03 Jun 2025 00:00:00 GMT","end":"Tue, 02 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"ED:11:7F:24:3B:CD:77:16:01:62:5C:08:30:F8:AB:0A:BC:FF:30:3F","sha256":"86:1C:4E:B1:35:00:74:54:4A:EB:0D:68:73:A2:05:97:B7:1B:38:76:ED:73:E0:8C:16:BB:80:D1:CA:03:EB:4B"}}},"request":{"raw":"GET /obj/tiktok_web_login_static/tiktok_fonts/TikTokFont-Semibold.woff2?_default_font=1\u0026v=2 HTTP/1.1\r\nHost: sf16-website-login.neutral.ttwstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://online.ec.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://online.ec.cc/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-length: 56968\r\ncontent-md5: z9iG4cqEmn+OJgB2PyNteA==\r\nlast-modified: Wed, 11 Feb 2026 09:24:13 GMT\r\netag: 8f605013-a300-4b82-bc2d-aeb9f04c2ed6\r\nversion-id: 86c8e289-2b9e-4123-86e9-2acbf5ec4293\r\nstorage-tier: Standard\r\ncontent-type: font/woff2\r\nopc-request-id: iad-1:Ai6N2Olmr9qKR1EM_bDCC8Bzwx_IW4dAvr68-cgUkXW25Ijp8DKSK0lPJ2M2iGJb\r\nx-api-id: native\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options\r\nx-expires-ms: 1772789276034\r\ncache-control: max-age=2592000\r\nexpires: Mon, 27 Apr 2026 02:47:40 GMT\r\ndate: Sat, 28 Mar 2026 02:47:40 GMT\r\nx-cache: TCP_MEM_HIT from a2-22-55-63.deploy.akamaitechnologies.com (AkamaiGHost/22.4.4-cf5672731e69c345796af56199edfb50) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 10ce4b66\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56968,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 56968, version 1.0","md5":"cfd886e1ca849a7f8e2600763f236d78","sha1":"c1fc2b10d20c529c01b465a1edc0ed2fe04f0bd5","sha256":"c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b","sha512":"254e37e3650b2c87b524c96f517586b690094abf7c8e0539b050ecdc4c56c2593bedab7b1a830b827ddc19f1c3e05ff4096ebdf4cc969b5bc5fd33cb34e94fd8","ssdeep":"1536:WJG/KL/shmr0SyKV2i0Qz0j72A2+0G+gSRLBeFDP3:liL/8mV2i0ac6A25G+1LBehf","tlshash":"444302ec6a22f9adab11e5e847349ac2f140d6de34156293509edb98200f24ecdcb75d","first_seen":"2023-06-27T16:48:29Z","last_seen":"2026-06-08T10:43:53.480128Z","times_seen":5574,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":79,"dns":59,"connect":0,"send":0,"wait":3,"receive":2,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"online.ec.cc/ww/","fqdn":"online.ec.cc","domain":"online.ec.cc","tld":"ec.cc"},"ip":{"addr":"137.220.156.229","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-28T02:47:38.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online.ec.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 09:21:08 GMT","end":"Tue, 12 May 2026 09:21:07 GMT"},"fingerprint":{"sha1":"61:B3:7A:79:D5:92:4C:42:36:B7:62:84:CC:DF:87:E7:32:0C:AA:19","sha256":"57:95:65:8C:1F:65:C4:AB:72:8A:64:B7:CE:4E:14:6E:B6:F0:DD:FF:D7:4F:76:34:DC:B1:2E:8E:7F:57:50:0D"}}},"request":{"raw":"GET /ww/ HTTP/1.1\r\nHost: online.ec.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 28 Mar 2026 02:47:38 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102960,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4782)","md5":"46f47059223fff506723c310a96beea9","sha1":"d42f922914a61de89055709b30daece79dfb96b4","sha256":"dba55e3cb92b04a8cc7d4951d93fb935f8633b4663d26837e5b59b8c66d44745","sha512":"46daffe27ef6795a2debd854d032e88f28fa7d463809801abf5c9b8c34f8d36619e71eb2e0034cf53f44b8a97b8dc3d2eb456b5afda75f31fd58daeaa149d484","ssdeep":"1536:q3wr6i8kPHHHEtBMBcys15P/zEhEH9diNiCsNP:7GO0P","tlshash":"1da3e827216c1229828d1d667a53b90faf02f0278a5293d8f5dc5eddcfdda930c8a74d","first_seen":"2026-01-08T15:20:20.616952Z","last_seen":"2026-03-28T10:22:15.126601Z","times_seen":20,"resource_available":true,"data":null}},"time_used":513,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":513,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"online.ec.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online.ec.cc/ww/index/626.ab9a01a2.css","fqdn":"online.ec.cc","domain":"online.ec.cc","tld":"ec.cc"},"ip":{"addr":"137.220.156.229","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://online.ec.cc/ww/","date":"2026-03-28T02:47:39.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online.ec.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 09:21:08 GMT","end":"Tue, 12 May 2026 09:21:07 GMT"},"fingerprint":{"sha1":"61:B3:7A:79:D5:92:4C:42:36:B7:62:84:CC:DF:87:E7:32:0C:AA:19","sha256":"57:95:65:8C:1F:65:C4:AB:72:8A:64:B7:CE:4E:14:6E:B6:F0:DD:FF:D7:4F:76:34:DC:B1:2E:8E:7F:57:50:0D"}}},"request":{"raw":"GET /ww/index/626.ab9a01a2.css HTTP/1.1\r\nHost: online.ec.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://online.ec.cc/ww/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 28 Mar 2026 02:47:39 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"818727-1740404766000\"\r\nlast-modified: Mon, 24 Feb 2025 13:46:06 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":818727,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (50902)","md5":"b9524e49204fd6a9a75a76c3301391c9","sha1":"cd5839471bd43ca2c31cbf6ecec685a16986d8d8","sha256":"c364a1d45e3bfa0cd6d55d935ca62224b5889511ab9acc5c80a033eefd1bb229","sha512":"26738052088a1b767262a5e0962b21d8750c37c0455c55b5da3393d2fba4265fa122fd70619f16a7000660bafd58afc08c589cbb632dcf91b43c2a6ebc4902bd","ssdeep":"3072:Ejbng96pVDyf23RD19U1VHmPYjZXk7EGKS69CAmSIJwdN/Cfo7p/F9MNFvWnIL5v:EjbWNQqfU2MGVdE","tlshash":"fd0552269635112a6037852bb9c7facc2316b601ed237fbff6431cc68e85d994352f26","first_seen":"2025-04-25T08:54:28.104212Z","last_seen":"2026-03-28T10:22:15.133981Z","times_seen":34,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"online.ec.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"online.ec.cc/ww/index/main.d0945a0e.css","fqdn":"online.ec.cc","domain":"online.ec.cc","tld":"ec.cc"},"ip":{"addr":"137.220.156.229","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://online.ec.cc/ww/","date":"2026-03-28T02:47:39.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"online.ec.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 09:21:08 GMT","end":"Tue, 12 May 2026 09:21:07 GMT"},"fingerprint":{"sha1":"61:B3:7A:79:D5:92:4C:42:36:B7:62:84:CC:DF:87:E7:32:0C:AA:19","sha256":"57:95:65:8C:1F:65:C4:AB:72:8A:64:B7:CE:4E:14:6E:B6:F0:DD:FF:D7:4F:76:34:DC:B1:2E:8E:7F:57:50:0D"}}},"request":{"raw":"GET /ww/index/main.d0945a0e.css HTTP/1.1\r\nHost: online.ec.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://online.ec.cc/ww/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 28 Mar 2026 02:47:39 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"15558-1740404708000\"\r\nlast-modified: Mon, 24 Feb 2025 13:45:08 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15558,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15558), with no line terminators","md5":"688b83e62cebe3c6b9022bc289612b24","sha1":"d8710c5a5aa69f11731ab068d3f65b19e990d97a","sha256":"87ae6bb848d58f51999b19e2e0bb3c89816f79a5b50ab07355108435b742fda2","sha512":"edb6980981b699c19bc87733bf2578f705f59f732f77508100eae5c3cbe757eff9135ffcfc4a6c85de8af200879289a67c4898771afb3e7d130bf8b0bd7415ed","ssdeep":"192:b1b/8DPjg7xO8vgVnYVr8+V1XrucYyURvaHHduaaHHdieMw0Y4lxj/o7:bNUPj8vgpir91SbaHHAHHWj8","tlshash":"8a62b913e41a801b94eb5c273bcade193f9ba5192e15fb1fe8344ec68df1563112d706","first_seen":"2026-01-08T15:20:20.62783Z","last_seen":"2026-03-28T10:22:15.137094Z","times_seen":20,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"online.ec.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"online.ec.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}