{"report_id":"a0ed470e-b714-4daa-b0b3-de235126bf37","version":6,"status":"done","tags":[],"date":"2025-06-02T09:09:20Z","url":{"schema":"http","addr":"xn--bvqs57dewlqnlczai8wz1thma.longfeng47.cc/","fqdn":"xn--bvqs57dewlqnlczai8wz1thma.longfeng47.cc","domain":"longfeng47.cc","tld":"cc"},"ip":{"addr":"38.91.114.219","port":0,"asn":9294,"as":"GNET INC.","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"20250531.longfeng13.com/","fqdn":"20250531.longfeng13.com","domain":"longfeng13.com","tld":"com"},"title":"20250531.longfeng13.com/"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-11T09:09:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"lf6-cdn-tos.bytecdntp.com","ip":{"addr":"103.155.16.183","port":443,"asn":138915,"as":"Kaopu Cloud HK Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2021-01-11","domain_rank":420032,"first_seen":"2022-05-13T06:34:03Z","last_seen":"2025-05-31T11:49:00.238316Z","alert_count":0,"request_count":1,"received_data":87784,"sent_data":463,"comment":"","tags":null,"fingerprints":null},{"fqdn":"lf26-cdn-tos.bytecdntp.com","ip":{"addr":"27.221.84.33","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2021-01-11","domain_rank":356167,"first_seen":"2022-03-16T14:07:25Z","last_seen":"2025-06-01T23:02:54.150711Z","alert_count":0,"request_count":1,"received_data":49599,"sent_data":470,"comment":"","tags":null,"fingerprints":null},{"fqdn":"xn--bvqs57dewlqnlczai8wz1thma.longfeng47.cc","ip":{"addr":"38.91.114.219","port":443,"asn":9294,"as":"GNET INC.","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":2062,"sent_data":512,"comment":"","tags":null,"fingerprints":null},{"fqdn":"20250531.longfeng13.com","ip":{"addr":"103.193.148.144","port":443,"asn":55933,"as":"Cloudie Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":69731,"sent_data":555,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-02","alert":"Sinkholed","trigger":"longfeng47.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"xn--bvqs57dewlqnlczai8wz1thma.longfeng47.cc/","fqdn":"xn--bvqs57dewlqnlczai8wz1thma.longfeng47.cc","domain":"longfeng47.cc","tld":"cc"},"ip":{"addr":"38.91.114.219","port":443,"asn":9294,"as":"GNET INC.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a89b19035042531d671ef120faadf6b8","sha1":"a93481335f52db5e515b3e4d9297089fbaf0a183","sha256":"4e899fa143b82a5157d59272160f27c8ac46915939f771742eb6711a8729a10b","sha512":"f10361a30cc7eb4a80d88247abfa662ae52c056ae64f3433468be5ea32dfeb928ebf779912ea1ffd9a39fcbe8a23ddf5426a01068970269e891b5d84c10a71a9","ssdeep":"","tlshash":"ebf02b8141961291aaaa20108b57365860b304af340ec95cf70e43052f3aa6795235cf","size":465,"data":"","first_seen":"2025-06-02T09:09:24.331097Z","last_seen":"2025-06-08T09:41:22.622998Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"20250531.longfeng13.com/","fqdn":"20250531.longfeng13.com","domain":"longfeng13.com","tld":"com"},"ip":{"addr":"103.193.148.144","port":443,"asn":55933,"as":"Cloudie Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-02T09:09:03.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"longfeng13.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 May 2025 09:10:41 GMT","end":"Tue, 26 Aug 2025 09:10:40 GMT"},"fingerprint":{"sha1":"01:A8:D1:31:EA:3F:73:84:30:6B:AF:20:9C:1D:82:E2:29:F5:73:66","sha256":"DD:BC:AA:18:D5:AB:86:CA:CA:B8:2F:C3:EA:32:7C:9D:3B:5D:94:32:F3:A2:F8:2A:0F:46:93:75:88:E9:0F:45"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 20250531.longfeng13.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--bvqs57dewlqnlczai8wz1thma.longfeng47.cc/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 02 Jun 2025 09:09:04 GMT\r\ncontent-type: text/html;charset=utf-8\r\nvary: Accept-Encoding, Accept-Encoding\r\nserver: LCCDN\r\nstrict-transport-security: max-age=31536000;\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":69472,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (336), with CRLF, LF line terminators","md5":"cdab677552050839580cd0c23c28c0af","sha1":"9ce81ce3b38d53f399d3d15ba2a7aa7c47996a65","sha256":"1d37cdabb0bf0f24893a13e671b81209e8790e34a7cd6e0056338a55a2c8fb5f","sha512":"728eaa4946f18f16168fe14f6476aef3017c3174cd49fbfd5618182064e5716347c556d0497705a4d91c62174bf0daa9a2a950a4080d0684e5dc9ea0d1d6010c","ssdeep":"1536:BEMlrFoioBo5islQ9x09PYGwYhpYrYzYKYX3:BEMlre+islQ9xC/m","tlshash":"9263bcb14e86e73526ba09a0b030ffbd70bfa3759c17592040db682b9d8dff54c99849","first_seen":"2025-06-02T09:09:24.328251Z","last_seen":"2025-06-02T23:38:07.738861Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3255,"timings":{"blocked":1497,"dns":708,"connect":259,"send":0,"wait":259,"receive":0,"ssl":528},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.1.1/jquery.min.js","fqdn":"lf6-cdn-tos.bytecdntp.com","domain":"bytecdntp.com","tld":"com"},"ip":{"addr":"103.155.16.183","port":443,"asn":138915,"as":"Kaopu Cloud HK Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"","requested_by":"https://20250531.longfeng13.com/","date":"2025-06-02T09:09:05.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytecdntp.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 24 Mar 2025 00:00:00 GMT","end":"Mon, 23 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E2:DB:67:00:11:81:66:F9:6D:9C:86:95:74:1A:71:2A:06:6B:24:3C","sha256":"DF:22:B9:FC:F6:48:B2:8D:C9:A2:3A:27:FE:94:09:6C:0E:CE:92:F1:13:EA:5C:FD:EA:49:E1:76:4B:C0:66:CD"}}},"request":{"raw":"GET /cdn/expire-1-M/jquery/3.1.1/jquery.min.js HTTP/1.1\r\nHost: lf6-cdn-tos.bytecdntp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://20250531.longfeng13.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":4396,"data":"[{\"time\":\"2025-06-02T09:07:48.867Z\",\"iKey\":\"2fae892e-6801-4a45-9f0f-90c2ae22293f\",\"name\":\"Microsoft.ApplicationInsights.2fae892e68014a459f0f90c2ae22293f.RemoteDependency\",\"tags\":{\"ai.user.id\":\"HMNPxVYW1mu2FfepSGY1TH\",\"ai.session.id\":\"oZxqEWjObPnD46itMZQ/us\",\"ai.device.id\":\"browser\",\"ai.device.type\":\"Browser\",\"ai.operation.name\":\"/en/about-us/security/email-disclaimer\",\"ai.operation.id\":\"e726397441ef421187e1203bf20100b7\",\"ai.internal.sdkVersion\":\"javascript:2.8.18\"},\"data\":{\"baseType\":\"RemoteDependencyData\",\"baseData\":{\"id\":\"|e726397441ef421187e1203bf20100b7.5ce1082d51da4806.\",\"ver\":2,\"name\":\"POST /cdn-cgi/rum?\",\"resultCode\":\"204\",\"duration\":\"00:00:00.062\",\"success\":true,\"data\":\"POST /cdn-cgi/rum?\",\"target\":\"www.ericsson.com\",\"type\":\"Ajax\",\"properties\":{\"HttpMethod\":\"POST\"},\"measurements\":{}}}},{\"time\":\"2025-06-02T09:07:49.383Z\",\"iKey\":\"2fae892e-6801-4a45-9f0f-90c2ae22293f\",\"name\":\"Microsoft.ApplicationInsights.2fae892e68014a459f0f90c2ae22293f.RemoteDependency\",\"tags\":{\"ai.user.id\":\"HMNPxVYW1mu2FfepSGY1TH\",\"ai.session.id\":\"oZxqEWjObPnD46itMZQ/us\",\"ai.device.id\":\"browser\",\"ai.device.type\":\"Browser\",\"ai.operation.name\":\"/en/about-us/security/email-disclaimer\",\"ai.operation.id\":\"e726397441ef421187e1203bf20100b7\",\"ai.internal.sdkVersion\":\"javascript:2.8.18\"},\"data\":{\"baseType\":\"RemoteDependencyData\",\"baseData\":{\"id\":\"|e726397441ef421187e1203bf20100b7.067370e18e514818.\",\"ver\":2,\"name\":\"GET https://lb.serversidetagging.ericsson.com/g/collect?v=2\u0026tid=G-Q3GYBCP7L6\u0026gtm=45je55s2v9203632580z86410829za200zb6410829\u0026_p=1748855266083\u0026gcs=G100\u0026gcd=13p3p3p2p5l1\u0026npa=1\u0026dma_cps=-\u0026dma=1\u0026tag_exp=101509157~103116026~103200004~103233427~103252644~103252646~103351866~103351868~104481633~104481635~104559073~104559075~104612245~104612247\u0026ptag_exp=101509157~103116026~103200004~103233427~103252644~103252646~103351869~103351871~104481633~104481635~104559073~104559075~104612245~104612247\u0026gdid=dMzk4MW\u0026cid=1890684342.1748855269\u0026ecid=919781592\u0026ul=en-us\u0026sr=1280x1024\u0026_fplc=0\u0026ur=NO-03\u0026frm=0\u0026pscdl=denied\u0026sst.rnd=1650940783.1748855269\u0026sst.etld=google.no\u0026sst.gcsub=region1\u0026sst.tft=1748855266083\u0026sst.lpc=22236527\u0026sst.navt=n\u0026sst.ude=0\u0026_s=1\u0026sid=1748855268\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fwww.ericsson.com%2Fen%2Fabout-us%2Fsecurity%2Femail-disclaimer\u0026dt=E-mail%20from%20and%20to%20Ericsson\u0026_tu=DA\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026ep.cookie_consent_analytics=necessary\u0026ep.cmp_laststatus=visible\u0026ep.location_hostname=www.ericsson.com\u0026up.cook\",\"resultCode\":\"200\",\"duration\":\"00:00:00.325\",\"success\":true,\"data\":\"GET https://lb.serversidetagging.ericsson.com/g/collect?v=2\u0026tid=G-Q3GYBCP7L6\u0026gtm=45je55s2v9203632580z86410829za200zb6410829\u0026_p=1748855266083\u0026gcs=G100\u0026gcd=13p3p3p2p5l1\u0026npa=1\u0026dma_cps=-\u0026dma=1\u0026tag_exp=101509157~103116026~103200004~103233427~103252644~103252646~103351866~103351868~104481633~104481635~104559073~104559075~104612245~104612247\u0026ptag_exp=101509157~103116026~103200004~103233427~103252644~103252646~103351869~103351871~104481633~104481635~104559073~104559075~104612245~104612247\u0026gdid=dMzk4MW\u0026cid=1890684342.1748855269\u0026ecid=919781592\u0026ul=en-us\u0026sr=1280x1024\u0026_fplc=0\u0026ur=NO-03\u0026frm=0\u0026pscdl=denied\u0026sst.rnd=1650940783.1748855269\u0026sst.etld=google.no\u0026sst.gcsub=region1\u0026sst.tft=1748855266083\u0026sst.lpc=22236527\u0026sst.navt=n\u0026sst.ude=0\u0026_s=1\u0026sid=1748855268\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fwww.ericsson.com%2Fen%2Fabout-us%2Fsecurity%2Femail-disclaimer\u0026dt=E-mail%20from%20and%20to%20Ericsson\u0026_tu=DA\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026ep.cookie_consent_analytics=necessary\u0026ep.cmp_laststatus=visible\u0026ep.location_hostname=www.ericsson.com\u0026up.cookie_consent_category=necessary\u0026tfd=5499\u0026richsstsse\",\"target\":\"lb.serversidetagging.ericsson.com\",\"type\":\"Fetch\",\"properties\":{\"HttpMethod\":\"GET\"},\"measurements\":{}}}},{\"time\":\"2025-06-02T09:07:57.287Z\",\"iKey\":\"2fae892e-6801-4a45-9f0f-90c2ae22293f\",\"name\":\"Microsoft.ApplicationInsights.2fae892e68014a459f0f90c2ae22293f.Message\",\"tags\":{\"ai.user.id\":\"HMNPxVYW1mu2FfepSGY1TH\",\"ai.session.id\":\"oZxqEWjObPnD46itMZQ/us\",\"ai.device.id\":\"browser\",\"ai.device.type\":\"Browser\",\"ai.operation.name\":\"/en/about-us/security/email-disclaimer\",\"ai.operation.id\":\"e726397441ef421187e1203bf20100b7\",\"ai.internal.sdkVersion\":\"javascript:2.8.18\",\"ai.internal.snippet\":\"5\",\"ai.internal.sdkSrc\":\"cdn1\"},\"data\":{\"baseType\":\"MessageData\",\"baseData\":{\"ver\":2,\"message\":\"AI (Internal): 72 message:\\\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\\\"\",\"properties\":{}}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 30120\r\nserver: TLB\r\netag: W/\"61f0cbc3-152b5\"\r\ndate: Fri, 30 May 2025 22:54:49 GMT\r\nlast-modified: Wed, 26 Jan 2022 04:19:15 GMT\r\nexpires: Sun, 29 Jun 2025 22:54:49 GMT\r\nage: 209658\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nserver-timing: inner; dur=16\r\nx-tt-trace-host: 014e7c5d6c40181e9da8fb6e7dc8ae6fffaafeff09fde43fd5e6cd85566bf7c9c43282e2d6787e6b923cd223571b03ceb5a30987eb3ea39302bdb19b3af58aed3c8e26d9299295dfd91f4fa2e00d6255856994a7591c9ea1c0e416522be6215257\r\nx-tt-trace-tag: id=06;cdn-cache=hit;type=static\r\nx-tt-trace-id: 00-24082221401403782D4B69E612FE9F5D-093ADBCA56724420-00\r\nx-tt-logid: 2024082221401403782D4B69E612FE9F5D\r\nx-response-cache: edge_hit\r\nx-link-via: xjp21:443;huzmp01:443;\r\nx-cache-status: HIT from KS-CLOUD-HUZ-MP-01-16, HIT from KS-CLOUD-XJP-FOREIGN-21-17\r\ntiming-allow-origin: *\r\nx-response-cinfo: 91.90.42.154\r\nx-cdn-request-id: 5647b0a5be67e12352e4658b39655998\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86709,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32030)","md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-05T09:23:45.249038Z","times_seen":138414,"resource_available":true,"data":null}},"time_used":2386,"timings":{"blocked":-1,"dns":1274,"connect":321,"send":0,"wait":364,"receive":63,"ssl":363},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/crypto-js/4.1.1/crypto-js.min.js","fqdn":"lf26-cdn-tos.bytecdntp.com","domain":"bytecdntp.com","tld":"com"},"ip":{"addr":"27.221.84.33","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"https://20250531.longfeng13.com/","date":"2025-06-02T09:09:05.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytecdntp.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 24 Mar 2025 00:00:00 GMT","end":"Mon, 23 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"80:B0:74:91:BC:E4:19:5F:0C:EA:16:96:CC:BF:BB:81:73:43:51:C1","sha256":"4F:D4:65:13:41:BB:18:5E:1B:95:1C:3B:56:45:47:2E:10:C4:80:31:98:77:1F:D0:12:F5:40:55:E1:CE:D0:36"}}},"request":{"raw":"GET /cdn/expire-1-M/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1\r\nHost: lf26-cdn-tos.bytecdntp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://20250531.longfeng13.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":114,"data":"{\"attributes\":{\"igId\":\"ig_c685f2f430aab50254d0ec60ac2d22954534\",\"igTestGroups\":\"\",\"igCampaigns\":\"\",\"igOffers\":\"\"}}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 02 Jun 2025 09:09:07 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 16589\r\nserver: openresty\r\nlast-modified: Sun, 24 Apr 2022 23:36:15 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6265deef-bcbc\"\r\nexpires: Fri, 23 May 2025 23:49:37 GMT\r\ncontent-encoding: gzip\r\nserver-timing: inner; dur=14\r\nx-tt-trace-host: 01f6af88895f6e2497ce253904f5efa1b47a7bd57a77c28544d25ec3e05795c05a95c1b28cd3df9c5047252f339c5b135908664a4fc5e4d6fae579e28176fccb1e7e52b02db0a1b3f1eeb55fe22b13562297fc2a0f13cabebd08eefb3d7b832701c871e9f10ed1f83e6d68c53b908b9d87b0ea8cf16b2bbeb6a352b92c61806749\r\nx-tt-trace-tag: id=26;cdn-cache=hit;type=static\r\nx-tt-trace-id: 00-2504240755479D454AADE734A8266981-76B0820B760C9ABF-00\r\nx-tt-logid: 202504240755479D454AADE734A8266981\r\nx-ccdn-expires: 2164676\r\nvia: CHN-SDqingdao-CUCC7-CACHE16[4],CHN-SDqingdao-CUCC7-CACHE16[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE34[4],CHN-TJ-GLOBAL1-CACHE16[0,TCP_HIT,3],CHN-HEshijiazhuang-GLOBAL1-CACHE32[8],CHN-HEshijiazhuang-GLOBAL1-CACHE16[0,TCP_HIT,2]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nnginx-hit: 1\r\nage: 461531\r\ncache-control: max-age=2592000\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 91.90.42.154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48316,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (48316), with no line terminators","md5":"2ca03ad87885ab983541092b87adb299","sha1":"1a17f60bf776a8c468a185c1e8e985c41a50dc27","sha256":"8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762","sha512":"13c412bd66747822c6938926de1c52b0d98659b2ed48249471ec0340f416645ea9114f06953f1ae5f177db03a5d62f1fb5d321b2c4eb17f3a1c865b0a274dc5c","ssdeep":"768:J1Z4iiyfiD78x6l42SWRV4HC0o10LEnM9OT81agZnEpnS:vZYDc6lXJd1mZpZEdS","tlshash":"19231ac5a19c605152a774c40d7f704b7463352a070d8aacf668e9eeecfcaea9039d7c","first_seen":"2023-03-07T01:31:53Z","last_seen":"2026-04-05T10:23:40.175006Z","times_seen":149751,"resource_available":true,"data":null}},"time_used":4079,"timings":{"blocked":1831,"dns":1244,"connect":304,"send":0,"wait":330,"receive":4,"ssl":363},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--bvqs57dewlqnlczai8wz1thma.longfeng47.cc/","fqdn":"xn--bvqs57dewlqnlczai8wz1thma.longfeng47.cc","domain":"longfeng47.cc","tld":"cc"},"ip":{"addr":"38.91.114.219","port":443,"asn":9294,"as":"GNET INC.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-02T09:08:58.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.longfeng44.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Mar 2025 04:15:49 GMT","end":"Tue, 17 Jun 2025 04:15:48 GMT"},"fingerprint":{"sha1":"90:73:AC:C5:7D:09:51:88:FB:AD:AD:DE:D3:6F:0E:4C:83:24:25:44","sha256":"99:9B:2F:5B:4B:86:DC:A0:C2:5F:D7:C4:7B:ED:A8:BD:FB:3D:28:F4:46:3B:01:DE:51:24:B0:04:34:6C:24:24"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: xn--bvqs57dewlqnlczai8wz1thma.longfeng47.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":870,"data":"payload=aUkQRhAIEH52dFR/X15WZ1VnDxAeEFYQCEkQZAIGWWZgd1l4el0PEAgQWkZGQkEIHR1FRUUcXF1QXldAXFdBRhxRXV8dVVNARltRXlcNQw9XQl9BS0FGV18URFtBW0ZdQG1bVg8LBwEBAAADAAUHBAIACgQAAgsURlNAVVdGbVtWDwcHBQoFBwAUUVNfQlNbVVxtW1YPCwEGAgYCARRBXUdAUVdtW1YPAAUFAwUDABReW1xZbVlXSw9XUwILV1MDUAZWAgoKUVRXBANXUQoEUAIFBVFUAQALChRtUVRAW1YPAgMLBQBUUQQfBVQKAhG8FAFNRHwsL^UwofBFMDAgsFUFBTAFFTEB4QfkprS}UXRlDQgZ1cXMPEAgCHhBUVVF8YHZGRHZ6Bg8QCBB+W1xNK8DNaHShJKCgRtBAYQHhB\u003exdAIFelkGBmJLBg8QCAIeEGdbRlp5cGBxa0pdDxAIAwQKDBR4QY2FjS2hFYHl/XgIPEAgBBAICHhBwd`FkBdVl7AH1LAg8QCAMFBgoKBwcBAK}gYKAAceEGGUCe11KjYAZBeHp/DxAIAwUGCgoHBwECBgoGAh4QeEoGZ3pldAB1YVkPEAgQAAELAwBWAwIfAVQLAx8DA1QCH1AHAgMfUFYKCwoBUVc7EU1EKEB4Qf2RjcWQBYwtzdXcPEAhcR15eHhBTegJQVFsCZ3VnWQ8QCAIeEH1zA35mXAd7bYXpnDxAIVFNeQVdPT28=\u0026appId=PXLf533Ppe\u0026tag=YGUTIS4XE0p9\u0026uuid=23912d10-3f91-11f0-b501-bd8983ce6ac8\u0026ft=355\u0026seq=0\u0026en=NTA\u0026pc=2185597241182729\u0026rsc=1"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 02 Jun 2025 09:09:02 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1673,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"7f48c34aa73f111fbec65de2b98f1b80","sha1":"46018e53677fca38ad42a3443d992e3655363bd7","sha256":"badf21276d4a95c4c9e2607427c94b32dfe50e982ca15d34df9fb0d57023284a","sha512":"825433b54710a6008040f627813b8c1f228a0454e02cd8d5c36badb317645cc742238f81150548774d651e2dfe829d1523e725a61f8d2ee061a8db0d6d99fe03","ssdeep":"","tlshash":"f431208746e301197857a0580fb773142de2881b924fcd687f8d6388cf8ae9789a33cd","first_seen":"2025-06-02T09:09:24.330273Z","last_seen":"2025-06-08T09:41:22.610056Z","times_seen":3,"resource_available":false,"data":null}},"time_used":7109,"timings":{"blocked":3471,"dns":253,"connect":160,"send":0,"wait":162,"receive":0,"ssl":3058},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-02","alert":"Sinkholed","trigger":"longfeng47.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}