{"report_id":"adcf15c0-70f2-4d97-88c6-95cae22f6ce2","version":0,"status":"done","tags":[],"date":"2026-06-19T01:11:24Z","url":{"schema":"http","addr":"tlktokshopa.com","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"tlktokshopa.com/login?redirect=/","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"title":"TikTok Shop","dom":{"size":3196,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2750)","md5":"5e2217dcefa66ffb159dd1f239348072","sha1":"703a1e50edfb477085ca92c0acba99a1cb3d4a88","sha256":"ab02e44cd3187a7916d3c07328e8cf6d77d7417e01b8101b7d027814825c5ed1","sha512":"c2ef006b5bd44d9439ae25a579018643815daee4cffba00ec503e72713966f9f0fe78bf5e3c3815b0d21c626ede3d28d573024b7be3f3d33cb848d29edd68094","ssdeep":"","tlshash":"0c61bea6d81e1a2b5603c5c054b1eae53ab1cf5dc90e30019faa03d50fefc31ac7e4a6","dom_hash":"domhashc8c6841c208270568d7afa5187d540cb","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tlktokshopa.com","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-24T01:11:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"tlktokshopa.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"tlktokshopa.com","ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"domain_registered":"2026-06-18","domain_rank":0,"first_seen":"2026-06-19T00:57:32.368497Z","last_seen":"2026-06-19T00:57:32.368497Z","alert_count":30,"request_count":10,"received_data":1016636,"sent_data":4923,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tlktokshopa.com/assets/index-DtmZ_7gF.js","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"c6df9e38a30502e5563d0aef5176d84f","sha1":"9c3e484b6fb3a57827fc5da50ba8f7049514d401","sha256":"b5d871f9083ca671e8f0654199bff2c34ad19ede2be04f865bba5c9df78ae5d9","sha512":"262961964c599dc53da89d7468c66ea75e5f4334ea65a9f6b154f3c5aa9211dc1f61f322ebf4a06df90a889dbc163dea941e7f7dbbb5e7f18de0455bb504c9dc","ssdeep":"12288:t6QYs9f93aTo5fY44RAeMq2liBwuZV65e9DwO3kAHtqViAmcb:t6Ls9fNaTo5fY44Ke52liBwuZVKe9DV0","tlshash":"38c46b94b1e5747593b748e550bb0105b22d1f89b008c4f0f0bdae963e6ad95a2bbf3c","size":556202,"data":"","first_seen":"2026-06-19T00:57:36.036754Z","last_seen":"2026-06-19T01:11:26.54266Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"tlktokshopa.com/","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-19T01:11:01.572Z","timestamp":1781831461572,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tlktokshopa.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 23:45:52 GMT","end":"Tue, 15 Sep 2026 23:45:51 GMT"},"fingerprint":{"sha1":"AF:C5:93:4F:F7:F1:01:EA:27:8F:79:14:D2:BE:C5:F2:0D:F1:3C:A7","sha256":"2C:97:D6:DC:47:F1:49:EE:42:64:D9:50:95:B7:6F:18:5C:C9:2A:7F:23:41:D9:19:8F:87:D9:5E:19:DE:AD:65"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tlktokshopa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.31.1\r\nDate: Fri, 19 Jun 2026 01:11:01 GMT\r\nContent-Type: text/html\r\nContent-Length: 406\r\nLast-Modified: Thu, 18 Jun 2026 00:11:00 GMT\r\nConnection: keep-alive\r\nETag: \"6a333794-196\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":406,"size_decoded":644,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"de58c9530a3133b7618e4b3c2c713ce3","sha1":"e987a16b9e9e6d49f2c7a3375a84f5cececa483c","sha256":"2ac6b476a9fd6051766cc0acf648440bf94daf658e724853781786eb91edc3b3","sha512":"8a5e2079ac6e5a9c91a9cb87164bbb29e74d955aac49747bdc72f2ea983de3f4e60a8b5b985a52a62b89c79259852ddcb2c1daf6bd718a7fb0ccc614f3712f35","ssdeep":"","tlshash":"1de0ab4284a18918833006141dd0f8086e96eb87874a9d4429e7607c4f847cacdcf56c","first_seen":"2026-06-19T00:57:36.04248Z","last_seen":"2026-06-19T01:11:26.539302Z","times_seen":2,"resource_available":true,"data":null}},"time_used":356,"timings":{"blocked":-1,"dns":241,"connect":27,"send":0,"wait":26,"receive":0,"ssl":63},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"tlktokshopa.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tlktokshopa.com/api/site_config/bootstrap","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://tlktokshopa.com/","date":"2026-06-19T01:11:02.426Z","timestamp":1781831462426,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tlktokshopa.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 23:45:52 GMT","end":"Tue, 15 Sep 2026 23:45:51 GMT"},"fingerprint":{"sha1":"AF:C5:93:4F:F7:F1:01:EA:27:8F:79:14:D2:BE:C5:F2:0D:F1:3C:A7","sha256":"2C:97:D6:DC:47:F1:49:EE:42:64:D9:50:95:B7:6F:18:5C:C9:2A:7F:23:41:D9:19:8F:87:D9:5E:19:DE:AD:65"}}},"request":{"raw":"GET /api/site_config/bootstrap HTTP/1.1\r\nHost: tlktokshopa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://tlktokshopa.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.31.1\r\nDate: Fri, 19 Jun 2026 01:11:02 GMT\r\nContent-Type: application/json\r\nContent-Length: 20433\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20433,"size_decoded":20590,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (16754), with no line terminators","md5":"34f254b6319092bc69441710bcbcafe3","sha1":"520d8b79844bc9f5a59163b45d7ccfb7286c9361","sha256":"85c93c122a91f757cd4c228e2a137ccf3a9e2f8beff60d458f0a5b5dcf3fafa5","sha512":"3859ec93d625977ff320f0c4d6eeb464349716aad573552786e0721f616ae1a8abcab3252825c637e6c2692d5e5ff7dfffda544a53c28f02c6c8ed509d9644a0","ssdeep":"384:pR8mjSnhM5mKG3qwkmq0tU9RjL8zqIAHTxaSGI+H/uz5583hZZ:pR8mjZ7Ga0UXL8zqjTxaD/fR3hZZ","tlshash":"3f9229ada2d807f327d2cac5f45b0ea524a552f2b3555b1e84fee57c12ce3de902b900","first_seen":"2026-06-19T00:57:36.038893Z","last_seen":"2026-06-19T01:11:26.54029Z","times_seen":2,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"tlktokshopa.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tlktokshopa.com/favicon.ico","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tlktokshopa.com/","date":"2026-06-19T01:11:02.471Z","timestamp":1781831462471,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tlktokshopa.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 23:45:52 GMT","end":"Tue, 15 Sep 2026 23:45:51 GMT"},"fingerprint":{"sha1":"AF:C5:93:4F:F7:F1:01:EA:27:8F:79:14:D2:BE:C5:F2:0D:F1:3C:A7","sha256":"2C:97:D6:DC:47:F1:49:EE:42:64:D9:50:95:B7:6F:18:5C:C9:2A:7F:23:41:D9:19:8F:87:D9:5E:19:DE:AD:65"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: tlktokshopa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tlktokshopa.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.31.1\r\nDate: Fri, 19 Jun 2026 01:11:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 406\r\nLast-Modified: Thu, 18 Jun 2026 00:11:00 GMT\r\nConnection: keep-alive\r\nETag: \"6a333794-196\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":406,"size_decoded":644,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"de58c9530a3133b7618e4b3c2c713ce3","sha1":"e987a16b9e9e6d49f2c7a3375a84f5cececa483c","sha256":"2ac6b476a9fd6051766cc0acf648440bf94daf658e724853781786eb91edc3b3","sha512":"8a5e2079ac6e5a9c91a9cb87164bbb29e74d955aac49747bdc72f2ea983de3f4e60a8b5b985a52a62b89c79259852ddcb2c1daf6bd718a7fb0ccc614f3712f35","ssdeep":"","tlshash":"1de0ab4284a18918833006141dd0f8086e96eb87874a9d4429e7607c4f847cacdcf56c","first_seen":"2026-06-19T00:57:36.04248Z","last_seen":"2026-06-19T01:11:26.539302Z","times_seen":2,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"tlktokshopa.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tlktokshopa.com/uploads/96445b0beeb348688ece8554c65a91df.jpg","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tlktokshopa.com/","date":"2026-06-19T01:11:02.476Z","timestamp":1781831462476,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tlktokshopa.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 23:45:52 GMT","end":"Tue, 15 Sep 2026 23:45:51 GMT"},"fingerprint":{"sha1":"AF:C5:93:4F:F7:F1:01:EA:27:8F:79:14:D2:BE:C5:F2:0D:F1:3C:A7","sha256":"2C:97:D6:DC:47:F1:49:EE:42:64:D9:50:95:B7:6F:18:5C:C9:2A:7F:23:41:D9:19:8F:87:D9:5E:19:DE:AD:65"}}},"request":{"raw":"GET /uploads/96445b0beeb348688ece8554c65a91df.jpg HTTP/1.1\r\nHost: tlktokshopa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tlktokshopa.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.31.1\r\nDate: Fri, 19 Jun 2026 01:11:02 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 50424\r\nConnection: keep-alive\r\nlast-modified: Thu, 18 Jun 2026 00:24:47 GMT\r\netag: \"c803c6bbc2c276eaab304bcbe8cade06\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50424,"size_decoded":50663,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1909x389, components 3","md5":"a1d842fc6b5daa3e97fd5f428ec199c5","sha1":"b1a1fb7c21cc60bb40eab1ea74add0050e70edf0","sha256":"83dcadce701a2c0f8db3667ce940978e4c0705e012bb533e5ba4ef3e05b635b3","sha512":"845ed4bb362d28e11f7a8cbb0bffe938cb9d82cbc86bd1c208669ee3d4b73b58dd97af8c261e77675fed53bcc42f7c24e60bd7911b64f2331bc6d6161f898344","ssdeep":"768:JuRM1dp/rwRQh16hccJgLuLT8qpgH3hHCsjbNx25suRQ46JWO:UM1XIQh16hcxVqpgHRHD/n25sr4vO","tlshash":"4533f19a93ae009bd2bd617e719761c92b70c8e6ded08727b38d9850b3f35d4bc05c25","first_seen":"2026-06-19T00:57:36.039806Z","last_seen":"2026-06-19T01:11:26.541085Z","times_seen":2,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":0,"dns":0,"connect":27,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"tlktokshopa.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tlktokshopa.com/uploads/030bdaea0f344b948b2f59264f35670a.png","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tlktokshopa.com/","date":"2026-06-19T01:11:02.627Z","timestamp":1781831462627,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tlktokshopa.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 23:45:52 GMT","end":"Tue, 15 Sep 2026 23:45:51 GMT"},"fingerprint":{"sha1":"AF:C5:93:4F:F7:F1:01:EA:27:8F:79:14:D2:BE:C5:F2:0D:F1:3C:A7","sha256":"2C:97:D6:DC:47:F1:49:EE:42:64:D9:50:95:B7:6F:18:5C:C9:2A:7F:23:41:D9:19:8F:87:D9:5E:19:DE:AD:65"}}},"request":{"raw":"GET /uploads/030bdaea0f344b948b2f59264f35670a.png HTTP/1.1\r\nHost: tlktokshopa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tlktokshopa.com/login?redirect=/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.31.1\r\nDate: Fri, 19 Jun 2026 01:11:02 GMT\r\nContent-Type: image/png\r\nContent-Length: 58950\r\nConnection: keep-alive\r\nlast-modified: Thu, 18 Jun 2026 00:24:47 GMT\r\netag: \"a9222cff435bd9301a89402655ff7034\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58950,"size_decoded":59188,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"f6debba69574539a485b3487943587fd","sha1":"01d90ecb9e9a2c56e085bb514d5e28b4cef524e5","sha256":"fef9305d58c0ed1a90b0201f3e87fd3bf5dc4f7eec83d70f23943073caa8080a","sha512":"76cfe1ebb86c2396155b52b459999948693f936898addf7725739f8f7ff0745f14a90118e8aa14527b7ad2a7523dba004e5fc4df435a7fe891ba6724e01dcf0b","ssdeep":"1536:XgMbiinxLCVaBEycngV/D7/uQ7tL2nLyl/A6tO:XgMbicB+wD7/b74LqZg","tlshash":"fa4301d185c4e938d9f4eebb8c46e4ecebe36507976b18cc19e3f81de509422491239c","first_seen":"2026-06-19T00:57:36.041635Z","last_seen":"2026-06-19T01:11:26.541735Z","times_seen":2,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"tlktokshopa.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tlktokshopa.com/assets/index-DtmZ_7gF.js","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tlktokshopa.com/","date":"2026-06-19T01:11:02.130Z","timestamp":1781831462130,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tlktokshopa.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 23:45:52 GMT","end":"Tue, 15 Sep 2026 23:45:51 GMT"},"fingerprint":{"sha1":"AF:C5:93:4F:F7:F1:01:EA:27:8F:79:14:D2:BE:C5:F2:0D:F1:3C:A7","sha256":"2C:97:D6:DC:47:F1:49:EE:42:64:D9:50:95:B7:6F:18:5C:C9:2A:7F:23:41:D9:19:8F:87:D9:5E:19:DE:AD:65"}}},"request":{"raw":"GET /assets/index-DtmZ_7gF.js HTTP/1.1\r\nHost: tlktokshopa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tlktokshopa.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.31.1\r\nDate: Fri, 19 Jun 2026 01:11:02 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 556202\r\nLast-Modified: Thu, 18 Jun 2026 00:11:00 GMT\r\nConnection: keep-alive\r\nETag: \"6a333794-87caa\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":556202,"size_decoded":556458,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (43735)","md5":"c6df9e38a30502e5563d0aef5176d84f","sha1":"9c3e484b6fb3a57827fc5da50ba8f7049514d401","sha256":"b5d871f9083ca671e8f0654199bff2c34ad19ede2be04f865bba5c9df78ae5d9","sha512":"262961964c599dc53da89d7468c66ea75e5f4334ea65a9f6b154f3c5aa9211dc1f61f322ebf4a06df90a889dbc163dea941e7f7dbbb5e7f18de0455bb504c9dc","ssdeep":"12288:t6QYs9f93aTo5fY44RAeMq2liBwuZV65e9DwO3kAHtqViAmcb:t6Ls9fNaTo5fY44Ke52liBwuZVKe9DV0","tlshash":"38c46b94b1e5747593b748e550bb0105b22d1f89b008c4f0f0bdae963e6ad95a2bbf3c","first_seen":"2026-06-19T00:57:36.036754Z","last_seen":"2026-06-19T01:11:26.54266Z","times_seen":2,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":109,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"tlktokshopa.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tlktokshopa.com/assets/index-ByaM2VTg.css","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tlktokshopa.com/","date":"2026-06-19T01:11:02.131Z","timestamp":1781831462131,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tlktokshopa.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 23:45:52 GMT","end":"Tue, 15 Sep 2026 23:45:51 GMT"},"fingerprint":{"sha1":"AF:C5:93:4F:F7:F1:01:EA:27:8F:79:14:D2:BE:C5:F2:0D:F1:3C:A7","sha256":"2C:97:D6:DC:47:F1:49:EE:42:64:D9:50:95:B7:6F:18:5C:C9:2A:7F:23:41:D9:19:8F:87:D9:5E:19:DE:AD:65"}}},"request":{"raw":"GET /assets/index-ByaM2VTg.css HTTP/1.1\r\nHost: tlktokshopa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tlktokshopa.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.31.1\r\nDate: Fri, 19 Jun 2026 01:11:02 GMT\r\nContent-Type: text/css\r\nContent-Length: 225732\r\nLast-Modified: Thu, 18 Jun 2026 00:11:00 GMT\r\nConnection: keep-alive\r\nETag: \"6a333794-371c4\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":225732,"size_decoded":225974,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"3c3948d04c389885c5a4add749cbc80b","sha1":"a2c6d091d50809569de4ad46edecac3a0e3b7815","sha256":"7cb5d392b6e59e4a4cf2f382b1e6cd62617c72e929c06b25b086359443d2b72e","sha512":"316717b40be053098d9df6a57be57cf271d39c3a2a2e624642e39e5d52b08730da507e9ddcca1a71341c4420baa3c5dc9679be0a01ceb28a3e1f4a345ab0e580","ssdeep":"1536:rzmOxrECchI91IyNBi3MFYaQj7FCwsBlDOFIxuVoxJPUcBkja1Al5a4zitVTV0x5:uhwvNIClDsIxuVSzQay5","tlshash":"2724d6a5b694917cbf2bf274ab8756dcf23cf621dd01caa4f10491284ec7bf5062361a","first_seen":"2026-06-19T00:57:36.037958Z","last_seen":"2026-06-19T01:11:26.543625Z","times_seen":2,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":25,"send":0,"wait":50,"receive":77,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"tlktokshopa.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tlktokshopa.com/uploads/8e40e7de7f6f4ef9a4c4ee976068cc90.jpg","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tlktokshopa.com/","date":"2026-06-19T01:11:02.473Z","timestamp":1781831462473,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tlktokshopa.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 23:45:52 GMT","end":"Tue, 15 Sep 2026 23:45:51 GMT"},"fingerprint":{"sha1":"AF:C5:93:4F:F7:F1:01:EA:27:8F:79:14:D2:BE:C5:F2:0D:F1:3C:A7","sha256":"2C:97:D6:DC:47:F1:49:EE:42:64:D9:50:95:B7:6F:18:5C:C9:2A:7F:23:41:D9:19:8F:87:D9:5E:19:DE:AD:65"}}},"request":{"raw":"GET /uploads/8e40e7de7f6f4ef9a4c4ee976068cc90.jpg HTTP/1.1\r\nHost: tlktokshopa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tlktokshopa.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.31.1\r\nDate: Fri, 19 Jun 2026 01:11:02 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 50424\r\nConnection: keep-alive\r\nlast-modified: Thu, 18 Jun 2026 00:24:47 GMT\r\netag: \"9bfe228fa7e8a1e2d7f529c6bf6e8adb\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50424,"size_decoded":50663,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1909x389, components 3","md5":"a1d842fc6b5daa3e97fd5f428ec199c5","sha1":"b1a1fb7c21cc60bb40eab1ea74add0050e70edf0","sha256":"83dcadce701a2c0f8db3667ce940978e4c0705e012bb533e5ba4ef3e05b635b3","sha512":"845ed4bb362d28e11f7a8cbb0bffe938cb9d82cbc86bd1c208669ee3d4b73b58dd97af8c261e77675fed53bcc42f7c24e60bd7911b64f2331bc6d6161f898344","ssdeep":"768:JuRM1dp/rwRQh16hccJgLuLT8qpgH3hHCsjbNx25suRQ46JWO:UM1XIQh16hcxVqpgHRHD/n25sr4vO","tlshash":"4533f19a93ae009bd2bd617e719761c92b70c8e6ded08727b38d9850b3f35d4bc05c25","first_seen":"2026-06-19T00:57:36.039806Z","last_seen":"2026-06-19T01:11:26.541085Z","times_seen":2,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"tlktokshopa.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tlktokshopa.com/api/site_config","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tlktokshopa.com/","date":"2026-06-19T01:11:02.484Z","timestamp":1781831462484,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tlktokshopa.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 23:45:52 GMT","end":"Tue, 15 Sep 2026 23:45:51 GMT"},"fingerprint":{"sha1":"AF:C5:93:4F:F7:F1:01:EA:27:8F:79:14:D2:BE:C5:F2:0D:F1:3C:A7","sha256":"2C:97:D6:DC:47:F1:49:EE:42:64:D9:50:95:B7:6F:18:5C:C9:2A:7F:23:41:D9:19:8F:87:D9:5E:19:DE:AD:65"}}},"request":{"raw":"GET /api/site_config HTTP/1.1\r\nHost: tlktokshopa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tlktokshopa.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.31.1\r\nDate: Fri, 19 Jun 2026 01:11:02 GMT\r\nContent-Type: application/json\r\nContent-Length: 25749\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25749,"size_decoded":25906,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (21742), with no line terminators","md5":"957f4dd5ff8152952cab33aafeed1144","sha1":"f473f150567335f16a36f60e03f5fae2eba182ea","sha256":"5c4bf7f4d9a4dbc9bb7aff7854840c7415473f64ce6c518feaa7ca2e88569806","sha512":"e25cc84eb5ecc29312efa4e20a6a5daf1964336dc9b1a3c18823ac5cec7ec38f7a3ac332d05e655384d0ab568aae4796d9d070f1b17fdbb4a428ea0b819634d5","ssdeep":"384:tx8M5mKG3qwkmq0tU9RjL8zqIAHTxaSGI+H/uz5583hZTk7Ot9Ua8pKHdzNrDERd:T7Ga0UXL8zqjTxaD/fR3hZNxzNrDERrR","tlshash":"85b2289ab2980af327d3cac6f45b5d9224a551f273458e2ac4fed6bc12ce3cd951f804","first_seen":"2026-06-19T01:11:26.544433Z","last_seen":"2026-06-19T01:11:26.544433Z","times_seen":1,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":27,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"tlktokshopa.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tlktokshopa.com/api/site_config","fqdn":"tlktokshopa.com","domain":"tlktokshopa.com","tld":"com"},"ip":{"addr":"8.208.19.206","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tlktokshopa.com/","date":"2026-06-19T01:11:02.523Z","timestamp":1781831462523,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tlktokshopa.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 23:45:52 GMT","end":"Tue, 15 Sep 2026 23:45:51 GMT"},"fingerprint":{"sha1":"AF:C5:93:4F:F7:F1:01:EA:27:8F:79:14:D2:BE:C5:F2:0D:F1:3C:A7","sha256":"2C:97:D6:DC:47:F1:49:EE:42:64:D9:50:95:B7:6F:18:5C:C9:2A:7F:23:41:D9:19:8F:87:D9:5E:19:DE:AD:65"}}},"request":{"raw":"GET /api/site_config HTTP/1.1\r\nHost: tlktokshopa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tlktokshopa.com/login?redirect=/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.31.1\r\nDate: Fri, 19 Jun 2026 01:11:02 GMT\r\nContent-Type: application/json\r\nContent-Length: 25749\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25749,"size_decoded":25906,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (21742), with no line terminators","md5":"957f4dd5ff8152952cab33aafeed1144","sha1":"f473f150567335f16a36f60e03f5fae2eba182ea","sha256":"5c4bf7f4d9a4dbc9bb7aff7854840c7415473f64ce6c518feaa7ca2e88569806","sha512":"e25cc84eb5ecc29312efa4e20a6a5daf1964336dc9b1a3c18823ac5cec7ec38f7a3ac332d05e655384d0ab568aae4796d9d070f1b17fdbb4a428ea0b819634d5","ssdeep":"384:tx8M5mKG3qwkmq0tU9RjL8zqIAHTxaSGI+H/uz5583hZTk7Ot9Ua8pKHdzNrDERd:T7Ga0UXL8zqjTxaD/fR3hZNxzNrDERrR","tlshash":"85b2289ab2980af327d3cac6f45b5d9224a551f273458e2ac4fed6bc12ce3cd951f804","first_seen":"2026-06-19T01:11:26.544433Z","last_seen":"2026-06-19T01:11:26.544433Z","times_seen":1,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"tlktokshopa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-19","alert":"Phishing Block","trigger":"tlktokshopa.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}