{"report_id":"ae7b5776-84cd-4781-a1f7-22d3afdd414a","version":6,"status":"done","tags":[],"date":"2026-01-28T04:31:03Z","url":{"schema":"http","addr":"zf6q.vip","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"zf6q.vip/","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"title":"zf6q.vip/","dom":{"size":12695,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10359)","md5":"b6901303a6c230b7deed30831f6d1d5b","sha1":"d3790d817a11abb1172a98bbf585af5fca010993","sha256":"2b75e812d3d8f71511b1f7252d37a0e34feae8b0d6a96a3589b1ec29429d9077","sha512":"e238bf831d71f670bccdb2f9e5a55f1c91aac2edaffb061005316ef8ee9934c774aa337502bad3ab8033cd3ec654cd6b83d64ce7f536e20d67f91e93f4433274","ssdeep":"192:gFbo9IOyESgSk4j6Xr9meqDODcZDYEr8DXgMynmOub3fi0QKqvgyB:8o9LR79mtGaYZXPON5KI","tlshash":"7f42df68b4066c335b73cad4e9bdae04b1d2bb3acb14df9586b402366fd6de06411738","dom_hash":"domhash1caa8eb3f1b3e2b148bacfdcf97bef59","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zf6q.vip","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-04T04:31:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-01-25T22:30:32.196824Z","alert_count":0,"request_count":1,"received_data":34885,"sent_data":447,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-25T22:25:20.721908Z","alert_count":0,"request_count":1,"received_data":103034,"sent_data":460,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"zf6q.vip","ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":76,"request_count":19,"received_data":570463,"sent_data":8341,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"FingerprintJS:3","description":"FingerprintJS is a browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them.","website":"https://fingerprintjs.com","common_platform_enumeration":"","icon":"FingerprintJS.svg","categories":["JavaScript libraries","Browser fingerprinting"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-25T22:17:37.642954Z","alert_count":0,"request_count":1,"received_data":13321,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"118.25.42.241","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-01-21T11:55:18.622959Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"zf6q.vip/assets/page_footer.WL0YNd9I.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"6d290cc1c1adcca5a03f2f2e293f53fd","sha1":"dbc6b59a471bd85c189486da55ea016f22f764d2","sha256":"3756745d594e4ebb9dcaa581efd928d53c615aff87c10607412a8b0c2c10db25","sha512":"916965ed957a7cc0b296ec00e7c7e0ba717ea554d766603aca1c2c3b443592a2e8209ffb71dee10e591228eba25194fbdfd2a68035e51c36c2043d0df323a354","ssdeep":"","tlshash":"0b41cf581c4b823f259b91bad122a430b68a1ff0cb70cc92d8f98a55669ddfc3c16d2c","size":2290,"data":"","first_seen":"2026-01-20T12:19:40.393843Z","last_seen":"2026-01-28T23:47:26.051747Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9fb9d2c62d0b53b369d827901c46d31c","sha1":"bb623e7486aa9ba44851ecc6ae01db5fe42d83a1","sha256":"b02ca87ad43e5ca61f953b2e414559e63f426c8513f7808707f39a4ba04ab219","sha512":"48cbe981398942910959f746a8225a91578752b67121817ae3b6b85859d0e97f9d89e96f1672b63d758f3148f3f37034017fd93d83415097616a90af285f0a18","ssdeep":"","tlshash":"afe061c3506e394c02108119304ac0075bb908b2de8549611c5837a58af9e4bc569455","size":363,"data":"","first_seen":"2025-03-05T00:30:25.174857Z","last_seen":"2026-05-31T15:28:13.961746Z","times_seen":455,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"375436f436cc1022d7b4569a817c1a6b","sha1":"9359415cc419874654000870ca54523875c12c16","sha256":"99dc3803d1f19c8103f79f834044b2afd4c8af5b7927efbd36b1052d528b40ae","sha512":"077cb9e67a028f8ffc6c9f19793c15e20379840da1a927e711a0ac4dcf15fe6e1a15cee75436df340c707b9e77118f3cd38ede493e060c592069f39bc6001a92","ssdeep":"384:chQYSwHRBcifEJzXhGUa4LdsF7wRuCfLVg5+pCqNFaiE8E0QIQfJW7us6RfGDUPX:cSMHRU7Lic9NwlJW5iffPREA75","tlshash":"c5e207d8b2c3b029227378b6497f6007b63abd15242d4843d57be4c17ca5e5a813bfb9","size":33780,"data":"","first_seen":"2023-07-07T04:22:54Z","last_seen":"2026-06-06T12:00:10.742246Z","times_seen":8354,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/page_header.BSDodSuC.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"0a9cd153e8655735712045431d2e7769","sha1":"0d5d5029206ddea034db779e2447861a0bc226ac","sha256":"3224c0536219c55ea92eab1b6549c74b4002e126d050106d7c7e04f5a127edf7","sha512":"6dddf8547dbff2867fe005c80030c55e4daafc9c1f63673aa6c4358f33eb2be81e3e38b6358596882c0e901a9a16dd0016d034b4e4adfeb76e9e1ca94a03c99c","ssdeep":"","tlshash":"ca01c04d6c4fc17a622354ded42298382154077e93249ce1c0fc8c396bd5dac761bf29","size":756,"data":"","first_seen":"2026-01-20T12:19:40.384693Z","last_seen":"2026-01-28T23:47:26.050672Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/pages-ap-login.Q88v8yAT.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"704978462d9e6bb1d02c4438115b1136","sha1":"04b2ee55425c2efe0cb3ca158f06a2a9deae66cd","sha256":"69bbe25248ee4640b49da5d9ca56d943993e1cfa77559285b0013d4a08ee7633","sha512":"6113997265249705157276808e07a5c1a35a674463d411afeeedc323e32f91b299e5d7997315e76400347d70c02c59cc558e91967fb77c70ab37652d5d7656d2","ssdeep":"192:FA8PrRby4titatCksPgPtNbkIUBzl8Q//BxR1750rnVVrZ39WgcIMWESwvvWyN/q:FAy0taFex8Q//v7QTr1THhZMfw","tlshash":"c152641db92ac3b4b33b06c861665404b01b1ffed560bdd250f90b1c7ab6eac119a77e","size":13244,"data":"","first_seen":"2026-01-20T12:19:40.391015Z","last_seen":"2026-01-28T23:47:26.05129Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9549491fa69813d582450290c39998b2","sha1":"e5994dcd04f3a660c8b11fc387ad191452c4bdf3","sha256":"2a3d691b2933dc59b8bca5b587316b9606b723e2c4b5ec9fc80ecddb5698b77b","sha512":"f953999686d22954c2aa187d0f35384bf02532e8bba254aca9c2e62cbf952549c1fa8f1ad647cd5091acf36f0a8075ff07367bb25a4b4867924da53af90883bd","ssdeep":"","tlshash":"c7a002ec01c8063dd13170b9ab2b3eb03f595c510343116f9699bb157146a17c70b4ec","size":76,"data":"","first_seen":"2025-09-27T19:31:00.108292Z","last_seen":"2026-03-08T23:08:16.643086Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/index-B8oB7yPE.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"60dd5b8f923150e5242cb7c1cdabf430","sha1":"06bbf1e6d422df9d12553d03e5781af463346aa3","sha256":"97399ec77eb38f6cb39cc8a9a6577e80d59a5b21d79721088899316c243e943d","sha512":"40dcd5448e88a683cef9dae768b66002e0013b695b5b9ec39a91278ce3c032fec077603e81b265c5bc02e7eefbf8c2802e9527f171f543c65123668dba081673","ssdeep":"12288:08lX/qx7zvIczg7/v8dpnVPTUD9iwug1v1ilcOZWENJqKIh:08lX/qx7zvIczg7HMpnVPAD9iwug1v13","tlshash":"53844bd4b695b46903b639f6403f1101f33e1d16b80d8098f66ce9db3d2a99962b7f38","size":399159,"data":"","first_seen":"2026-01-20T12:19:40.40191Z","last_seen":"2026-01-28T23:47:26.057569Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","size":91,"data":"","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-06T11:23:19.853947Z","times_seen":1550,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/uni-app.es.oH1CBmRy.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"b1a44ec1506f245878bc01119194ef49","sha1":"702097a9597af901df9bcbfaa204c9282778d860","sha256":"2e9d0f917159840404ce64f27a5c9b3af25bbeab9634d6aa6e7cb8e1df793c73","sha512":"9cf183608dc46b0c2d4ab4d4dc4024dc049a5463c6d1b63961aeea18cd90d7db64356e5bd8cf9d1744b315a5526db00c7b5ad335410eab98ae4566efc3d81375","ssdeep":"","tlshash":"49a01247708124571c0304900165d407717711d145888730c1c003244af44a88229909","size":84,"data":"","first_seen":"2026-01-20T12:19:40.399288Z","last_seen":"2026-01-28T23:47:26.050069Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-06T18:15:47.223166Z","times_seen":15888,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"zf6q.vip/assets/page_footer-75n2Pr1D.css","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:43.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/page_footer-75n2Pr1D.css HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:43 GMT\r\nContent-Type: text/css\r\nContent-Length: 3851\r\nLast-Modified: Tue, 20 Jan 2026 12:12:10 GMT\r\nConnection: keep-alive\r\nETag: \"696f711a-f0b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3851,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3850)","md5":"3ed08c7713abd1971eb2ec52bff7b810","sha1":"ca4622427871ade27539e4ef2631ccb6735198d7","sha256":"f6605a4d5c826c26f546de757c33568d246b6040ab6ddfd9a81966e399a93ab0","sha512":"9d0ab6db3558d0ad46fb7de5bcfb6481f08fa79b26d496b0141842ab0e11849d3c46352c11dead1d14e542e3af748476d19132fa81d3c908b559cd3897f7405f","ssdeep":"","tlshash":"5f81d011df494c53b66bde39e667638c7b360723a53284af9423e21dd86b0862333d6c","first_seen":"2026-01-15T14:00:58.770397Z","last_seen":"2026-02-26T01:00:45.913019Z","times_seen":59,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:43.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zf6q.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 91\r\nLast-Modified: Tue, 20 Jan 2026 12:12:24 GMT\r\nConnection: keep-alive\r\nETag: \"696f7128-5b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-06T11:23:19.853947Z","times_seen":1550,"resource_available":true,"data":null}},"time_used":847,"timings":{"blocked":339,"dns":1,"connect":165,"send":0,"wait":164,"receive":0,"ssl":173},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:44.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/assets/pages-ap-login.Q88v8yAT.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 91\r\nLast-Modified: Tue, 20 Jan 2026 12:12:24 GMT\r\nConnection: keep-alive\r\nETag: \"696f7128-5b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-06T11:23:19.853947Z","times_seen":1550,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/uni-app.es.oH1CBmRy.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:44.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/uni-app.es.oH1CBmRy.js HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/assets/pages-ap-login.Q88v8yAT.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 84\r\nLast-Modified: Tue, 20 Jan 2026 12:12:15 GMT\r\nConnection: keep-alive\r\nETag: \"696f711f-54\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"b1a44ec1506f245878bc01119194ef49","sha1":"702097a9597af901df9bcbfaa204c9282778d860","sha256":"2e9d0f917159840404ce64f27a5c9b3af25bbeab9634d6aa6e7cb8e1df793c73","sha512":"9cf183608dc46b0c2d4ab4d4dc4024dc049a5463c6d1b63961aeea18cd90d7db64356e5bd8cf9d1744b315a5526db00c7b5ad335410eab98ae4566efc3d81375","ssdeep":"","tlshash":"49a01247708124571c0304900165d407717711d145888730c1c003244af44a88229909","first_seen":"2026-01-20T12:19:40.399288Z","last_seen":"2026-01-28T23:47:26.050069Z","times_seen":28,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/pages-ap-login.Q88v8yAT.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:43.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/pages-ap-login.Q88v8yAT.js HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zf6q.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 13244\r\nLast-Modified: Tue, 20 Jan 2026 12:12:07 GMT\r\nConnection: keep-alive\r\nETag: \"696f7117-33bc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13244,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (13243)","md5":"704978462d9e6bb1d02c4438115b1136","sha1":"04b2ee55425c2efe0cb3ca158f06a2a9deae66cd","sha256":"69bbe25248ee4640b49da5d9ca56d943993e1cfa77559285b0013d4a08ee7633","sha512":"6113997265249705157276808e07a5c1a35a674463d411afeeedc323e32f91b299e5d7997315e76400347d70c02c59cc558e91967fb77c70ab37652d5d7656d2","ssdeep":"192:FA8PrRby4titatCksPgPtNbkIUBzl8Q//BxR1750rnVVrZ39WgcIMWESwvvWyN/q:FAy0taFex8Q//v7QTr1THhZMfw","tlshash":"c152641db92ac3b4b33b06c861665404b01b1ffed560bdd250f90b1c7ab6eac119a77e","first_seen":"2026-01-20T12:19:40.391015Z","last_seen":"2026-01-28T23:47:26.05129Z","times_seen":28,"resource_available":true,"data":null}},"time_used":1004,"timings":{"blocked":336,"dns":1,"connect":165,"send":0,"wait":328,"receive":1,"ssl":171},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/pages-ap-login.Q88v8yAT.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:43.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/pages-ap-login.Q88v8yAT.js HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/assets/index-B8oB7yPE.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:43 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 13244\r\nLast-Modified: Tue, 20 Jan 2026 12:12:07 GMT\r\nConnection: keep-alive\r\nETag: \"696f7117-33bc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13244,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (13243)","md5":"704978462d9e6bb1d02c4438115b1136","sha1":"04b2ee55425c2efe0cb3ca158f06a2a9deae66cd","sha256":"69bbe25248ee4640b49da5d9ca56d943993e1cfa77559285b0013d4a08ee7633","sha512":"6113997265249705157276808e07a5c1a35a674463d411afeeedc323e32f91b299e5d7997315e76400347d70c02c59cc558e91967fb77c70ab37652d5d7656d2","ssdeep":"192:FA8PrRby4titatCksPgPtNbkIUBzl8Q//BxR1750rnVVrZ39WgcIMWESwvvWyN/q:FAy0taFex8Q//v7QTr1THhZMfw","tlshash":"c152641db92ac3b4b33b06c861665404b01b1ffed560bdd250f90b1c7ab6eac119a77e","first_seen":"2026-01-20T12:19:40.391015Z","last_seen":"2026-01-28T23:47:26.05129Z","times_seen":28,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":178,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/page_footer.WL0YNd9I.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:44.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/page_footer.WL0YNd9I.js HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/assets/pages-ap-login.Q88v8yAT.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2290\r\nLast-Modified: Tue, 20 Jan 2026 12:12:10 GMT\r\nConnection: keep-alive\r\nETag: \"696f711a-8f2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2290,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2289)","md5":"6d290cc1c1adcca5a03f2f2e293f53fd","sha1":"dbc6b59a471bd85c189486da55ea016f22f764d2","sha256":"3756745d594e4ebb9dcaa581efd928d53c615aff87c10607412a8b0c2c10db25","sha512":"916965ed957a7cc0b296ec00e7c7e0ba717ea554d766603aca1c2c3b443592a2e8209ffb71dee10e591228eba25194fbdfd2a68035e51c36c2043d0df323a354","ssdeep":"","tlshash":"0b41cf581c4b823f259b91bad122a430b68a1ff0cb70cc92d8f98a55669ddfc3c16d2c","first_seen":"2026-01-20T12:19:40.393843Z","last_seen":"2026-01-28T23:47:26.051747Z","times_seen":28,"resource_available":true,"data":null}},"time_used":307,"timings":{"blocked":140,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/page_header.BSDodSuC.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:44.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/page_header.BSDodSuC.js HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/assets/pages-ap-login.Q88v8yAT.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 756\r\nLast-Modified: Tue, 20 Jan 2026 12:12:11 GMT\r\nConnection: keep-alive\r\nETag: \"696f711b-2f4\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":756,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (755)","md5":"0a9cd153e8655735712045431d2e7769","sha1":"0d5d5029206ddea034db779e2447861a0bc226ac","sha256":"3224c0536219c55ea92eab1b6549c74b4002e126d050106d7c7e04f5a127edf7","sha512":"6dddf8547dbff2867fe005c80030c55e4daafc9c1f63673aa6c4358f33eb2be81e3e38b6358596882c0e901a9a16dd0016d034b4e4adfeb76e9e1ca94a03c99c","ssdeep":"","tlshash":"ca01c04d6c4fc17a622354ded42298382154077e93249ce1c0fc8c396bd5dac761bf29","first_seen":"2026-01-20T12:19:40.384693Z","last_seen":"2026-01-28T23:47:26.050672Z","times_seen":28,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/static/favicon.ico","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:44.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /static/favicon.ico HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:44 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 17542\r\nLast-Modified: Tue, 20 Jan 2026 12:12:27 GMT\r\nConnection: keep-alive\r\nETag: \"696f712b-4486\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17542,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"ca6619b86c2f6e6068b69ba3aaddb7e4","sha1":"c44a1bb9d14385334eb851fbb0afb19d961c1ee7","sha256":"17d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09","sha512":"30f8f8618bfbcd57925411e6860a10b6ad9a60f2a6b08d35c870ea3f4cec4692596a937ff1457ceff5847d5da2b86ceba0200706625e28c56a2455e6a8c121d3","ssdeep":"192:9dLhJ6/f2dh+xQLeZ10TLwhwOHae6nmErcglsIZS3F:3jaOdhQQu0TLwaOHEr6IZ","tlshash":"ae72f191ad68c084c37ef432dd69deab66467de2b6c26c071fb53f86f23821e7901106","first_seen":"2023-04-17T01:45:41Z","last_seen":"2026-06-06T18:54:35.729699Z","times_seen":19364,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:42.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:24 GMT","end":"Mon, 23 Mar 2026 19:52:23 GMT"},"fingerprint":{"sha1":"43:39:AF:0A:74:F9:2F:1B:C0:1E:4E:89:21:30:C2:28:EC:9F:6C:67","sha256":"EA:F1:0E:C7:36:18:F3:9D:D1:D5:34:23:44:7D:6F:9D:2F:61:C7:81:09:9E:E9:C8:02:C8:F2:2C:0A:83:B3:A5"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 28 Jan 2026 04:30:42 GMT\r\ndate: Wed, 28 Jan 2026 04:30:42 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12635,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"f04de8ad1ef740d940ec0f534a8f6474","sha1":"3b31756e84c8887867417c7d6cc64501c9d9193c","sha256":"2f1ac0c31bc3ede8317cf72e9d28051ec727c9a0014aa69cff495abd6256bb4e","sha512":"69afede137c125294044274e463f30c02594f379ec879285e0b3ee41097f503dfb8272487759870f547e4dc4cf8828a2c1efaa806deb2f3124b7f6d67c638783","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:8KYXuM0p2+4","tlshash":"28427892002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:44:19.218006Z","last_seen":"2026-06-06T17:54:33.976132Z","times_seen":23958,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":139,"dns":5,"connect":8,"send":0,"wait":18,"receive":0,"ssl":132},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/page_header.BSDodSuC.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:43.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/page_header.BSDodSuC.js HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zf6q.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 756\r\nLast-Modified: Tue, 20 Jan 2026 12:12:11 GMT\r\nConnection: keep-alive\r\nETag: \"696f711b-2f4\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":756,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (755)","md5":"0a9cd153e8655735712045431d2e7769","sha1":"0d5d5029206ddea034db779e2447861a0bc226ac","sha256":"3224c0536219c55ea92eab1b6549c74b4002e126d050106d7c7e04f5a127edf7","sha512":"6dddf8547dbff2867fe005c80030c55e4daafc9c1f63673aa6c4358f33eb2be81e3e38b6358596882c0e901a9a16dd0016d034b4e4adfeb76e9e1ca94a03c99c","ssdeep":"","tlshash":"ca01c04d6c4fc17a622354ded42298382154077e93249ce1c0fc8c396bd5dac761bf29","first_seen":"2026-01-20T12:19:40.384693Z","last_seen":"2026-01-28T23:47:26.050672Z","times_seen":28,"resource_available":true,"data":null}},"time_used":839,"timings":{"blocked":335,"dns":1,"connect":162,"send":0,"wait":162,"receive":0,"ssl":169},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"118.25.42.241","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:46.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 28 Jan 2026 04:30:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Wed, 28 Jan 2026 15:30:46 GMT\r\ncache-control: max-age=39600\r\nset-cookie: __uni__uid=rBEQMWl5kPZ+PBehA3H8Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-06T18:15:47.206559Z","times_seen":16191,"resource_available":false,"data":null}},"time_used":1454,"timings":{"blocked":610,"dns":54,"connect":233,"send":0,"wait":233,"receive":0,"ssl":321},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:42.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 28 Jan 2026 04:30:42 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 14485\r\ncf-ray: 9c4dc18ae8c75696-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 3.4.2\r\nx-jsd-version-type: version\r\netag: W/\"83f4-k1lBXMQZh0ZUAAhwylRSOHXBLBY\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230135-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 41883\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=eCtsusFM7X8au5XqCapWTxXjD%2FAdc1Jj8IJ0U3MPqEYfDIRKi0x8yGbTc2VjOQ%2Ffdno2C%2B0d6o0yzPfJFwVSJE0Hknm65r9hpdeI%2Fo2GajVyAvuzwyDRCNWC72FSXgxYhOA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33780,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33446)","md5":"375436f436cc1022d7b4569a817c1a6b","sha1":"9359415cc419874654000870ca54523875c12c16","sha256":"99dc3803d1f19c8103f79f834044b2afd4c8af5b7927efbd36b1052d528b40ae","sha512":"077cb9e67a028f8ffc6c9f19793c15e20379840da1a927e711a0ac4dcf15fe6e1a15cee75436df340c707b9e77118f3cd38ede493e060c592069f39bc6001a92","ssdeep":"384:chQYSwHRBcifEJzXhGUa4LdsF7wRuCfLVg5+pCqNFaiE8E0QIQfJW7us6RfGDUPX:cSMHRU7Lic9NwlJW5iffPREA75","tlshash":"c5e207d8b2c3b029227378b6497f6007b63abd15242d4843d57be4c17ca5e5a813bfb9","first_seen":"2023-07-07T04:22:54Z","last_seen":"2026-06-06T12:00:10.742246Z","times_seen":8354,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":20,"dns":8,"connect":4,"send":0,"wait":15,"receive":1,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/uni.cb5fb309.css","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:42.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/uni.cb5fb309.css HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:42 GMT\r\nContent-Type: text/css\r\nContent-Length: 8989\r\nLast-Modified: Tue, 20 Jan 2026 12:12:15 GMT\r\nConnection: keep-alive\r\nETag: \"696f711f-231d\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8989,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8988)","md5":"bdeccd0ec3cd386e6159326361db8be7","sha1":"70931ddf88c5bdd20c0a911e50b9ec1f9c7dc42d","sha256":"cb5fb309851d767f1f221cd06a7e2c274a6567160d80d0908b98e057a709c0c1","sha512":"b897e7fc5309c888392a058e9a6201b9d47240af40bbc2be5bec81066384384bc13761884015913c9bd236c1888443605944d0c63cdd8c93836d443d208d1ef5","ssdeep":"192:Ujj8LGJ0CQLnWL9MNXVA87eizyHEDyPhd:UXpmLWLL87ei+ywd","tlshash":"17027571d900123eb51bcf2d52e1e74f322285b3d9133b19ab3535744f9eac62a36789","first_seen":"2025-09-27T19:31:00.036679Z","last_seen":"2026-05-31T15:28:13.956851Z","times_seen":176,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/index-B8oB7yPE.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:42.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/index-B8oB7yPE.js HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 399159\r\nLast-Modified: Tue, 20 Jan 2026 12:11:49 GMT\r\nConnection: keep-alive\r\nETag: \"696f7105-61737\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":399159,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63005)","md5":"60dd5b8f923150e5242cb7c1cdabf430","sha1":"06bbf1e6d422df9d12553d03e5781af463346aa3","sha256":"97399ec77eb38f6cb39cc8a9a6577e80d59a5b21d79721088899316c243e943d","sha512":"40dcd5448e88a683cef9dae768b66002e0013b695b5b9ec39a91278ce3c032fec077603e81b265c5bc02e7eefbf8c2802e9527f171f543c65123668dba081673","ssdeep":"12288:08lX/qx7zvIczg7/v8dpnVPTUD9iwug1v1ilcOZWENJqKIh:08lX/qx7zvIczg7HMpnVPAD9iwug1v13","tlshash":"53844bd4b695b46903b639f6403f1101f33e1d16b80d8098f66ce9db3d2a99962b7f38","first_seen":"2026-01-20T12:19:40.40191Z","last_seen":"2026-01-28T23:47:26.057569Z","times_seen":28,"resource_available":true,"data":null}},"time_used":1550,"timings":{"blocked":325,"dns":1,"connect":161,"send":0,"wait":324,"receive":570,"ssl":165},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/login-B_EJHJEu.css","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:43.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/login-B_EJHJEu.css HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:43 GMT\r\nContent-Type: text/css\r\nContent-Length: 8507\r\nLast-Modified: Tue, 20 Jan 2026 12:11:58 GMT\r\nConnection: keep-alive\r\nETag: \"696f710e-213b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8507,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8506)","md5":"fa4d978f2df47dcc0eb2b841ae425829","sha1":"2733c37a904db134792e78269d1c3492cef34f07","sha256":"80d595eb2376be280201a584268e9f30db54b917fb20cd7727d78bc7da3ef6ab","sha512":"8982fbdd30e14da053ae9ea7eeb963298d4fdcd2c254d52d64a38831411f43a811ab2fe975b09d38109719c279bd88f1f3e9476fe2cdbec5032c28f375d8441d","ssdeep":"96:2hG7YvMfzXnE8VqPR9p7ApVHCwpMT0mLypXcm2Eaz:208ZK00mLyRcm2Eq","tlshash":"bd0213f4ba085006d7f7c791aea5bd890119f212d7126edd9da635248ccbac738b128d","first_seen":"2026-01-19T13:29:22.549654Z","last_seen":"2026-02-26T01:00:45.925277Z","times_seen":52,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/uni-app.es.oH1CBmRy.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:43.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/uni-app.es.oH1CBmRy.js HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zf6q.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 84\r\nLast-Modified: Tue, 20 Jan 2026 12:12:15 GMT\r\nConnection: keep-alive\r\nETag: \"696f711f-54\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"b1a44ec1506f245878bc01119194ef49","sha1":"702097a9597af901df9bcbfaa204c9282778d860","sha256":"2e9d0f917159840404ce64f27a5c9b3af25bbeab9634d6aa6e7cb8e1df793c73","sha512":"9cf183608dc46b0c2d4ab4d4dc4024dc049a5463c6d1b63961aeea18cd90d7db64356e5bd8cf9d1744b315a5526db00c7b5ad335410eab98ae4566efc3d81375","ssdeep":"","tlshash":"49a01247708124571c0304900165d407717711d145888730c1c003244af44a88229909","first_seen":"2026-01-20T12:19:40.399288Z","last_seen":"2026-01-28T23:47:26.050069Z","times_seen":28,"resource_available":true,"data":null}},"time_used":837,"timings":{"blocked":336,"dns":0,"connect":162,"send":0,"wait":161,"receive":0,"ssl":171},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/page_footer.WL0YNd9I.js","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:43.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/page_footer.WL0YNd9I.js HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zf6q.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2290\r\nLast-Modified: Tue, 20 Jan 2026 12:12:10 GMT\r\nConnection: keep-alive\r\nETag: \"696f711a-8f2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2290,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2289)","md5":"6d290cc1c1adcca5a03f2f2e293f53fd","sha1":"dbc6b59a471bd85c189486da55ea016f22f764d2","sha256":"3756745d594e4ebb9dcaa581efd928d53c615aff87c10607412a8b0c2c10db25","sha512":"916965ed957a7cc0b296ec00e7c7e0ba717ea554d766603aca1c2c3b443592a2e8209ffb71dee10e591228eba25194fbdfd2a68035e51c36c2043d0df323a354","ssdeep":"","tlshash":"0b41cf581c4b823f259b91bad122a430b68a1ff0cb70cc92d8f98a55669ddfc3c16d2c","first_seen":"2026-01-20T12:19:40.393843Z","last_seen":"2026-01-28T23:47:26.051747Z","times_seen":28,"resource_available":true,"data":null}},"time_used":819,"timings":{"blocked":324,"dns":1,"connect":161,"send":0,"wait":161,"receive":0,"ssl":169},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/pDxWAF1pBB0dzGB-D7NyJrii.woff2","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:44.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/pDxWAF1pBB0dzGB-D7NyJrii.woff2 HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/assets/index-BJ6U4fM6.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:44 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 16616\r\nLast-Modified: Tue, 20 Jan 2026 12:12:11 GMT\r\nConnection: keep-alive\r\nETag: \"696f711b-40e8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16616,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16616, version 1.655","md5":"4afcd3b79b78d33386f497877a29c518","sha1":"cc7ebaa05a2cd3b02c0929ac0475a44ab30b7efa","sha256":"cded49f94fc16dc0a14923975e159fbf4b14844593e612c1342c9e34e2f96821","sha512":"2dc9fff1d57d5529c9c7bff26fa9f3f94adc47e9cef51d782e55ecf93045200140706ab5816dfd4a0b49b8db2263320fa2f0fa31a04e12d0c91fea79b127255d","ssdeep":"384:0qJzQ61qLjMj2JfDC3uq2B/YgduJyovfw4TQRJGL7VGhX8aJl/hObP:x8LHMjGbCeqEFuBwkqJGLhGhVLsP","tlshash":"a772d03d74972759eac2ce7f720d228627d6f9888e615fe83817d00c657604e6a603ec","first_seen":"2023-04-05T14:54:42Z","last_seen":"2026-06-06T18:54:35.731312Z","times_seen":25674,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":170,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-28T04:30:41.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:42 GMT\r\nContent-Type: text/html\r\nLast-Modified: Tue, 20 Jan 2026 12:12:30 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"696f712e-528\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"FingerprintJS:3","description":"FingerprintJS is a browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them.","website":"https://fingerprintjs.com","common_platform_enumeration":"","icon":"FingerprintJS.svg","categories":["JavaScript libraries","Browser fingerprinting"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1320,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, CR, LF line terminators","md5":"63305e2440502c61e8a228bd1d00bd47","sha1":"2004a5306f01e8bd71694994cfda13c156b4211d","sha256":"8c3b7dfbc7953f3e0ad3a48da6a43edcd89ad2aa45d1f87b48706050dfc29a86","sha512":"4841f8cdf5ffd5d13ecc26330125d04105c7a8b8f7e3dea0176f6ef65fcc12781a50cda31eb0f5e4c46f37cb4c6d370b0300f5cdd111b8ce35f19598a77186ef","ssdeep":"","tlshash":"e52175497848af0d122092867072e17e9db74c363a90d97364b6127ba7a438fcd1d898","first_seen":"2026-01-20T12:19:40.405988Z","last_seen":"2026-01-28T23:47:26.056539Z","times_seen":28,"resource_available":false,"data":null}},"time_used":906,"timings":{"blocked":372,"dns":41,"connect":162,"send":0,"wait":162,"receive":0,"ssl":166},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/index-BJ6U4fM6.css","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:42.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/index-BJ6U4fM6.css HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:42 GMT\r\nContent-Type: text/css\r\nContent-Length: 75612\r\nLast-Modified: Tue, 20 Jan 2026 12:11:49 GMT\r\nConnection: keep-alive\r\nETag: \"696f7105-1275c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75612,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"dda96fe3e14699edd8325f13a09c3a07","sha1":"2c11932bbb9a18a972ae61498c6f1a96019c609e","sha256":"f49eb271e44229e6afa121e071ed19d51be17d214a1e9e86f349fdae01952c3b","sha512":"1300bda65975991388814103c406723a7a8e501c298cf3660005393a7a9935c235608683a15e4621a45ba7f43a306e7bc9d12bb5acd806ce533f6e370f53f70c","ssdeep":"1536:80KR1AKeEfqe2T7XnC171+aWn9he/4Sycpo:HT7XC15bWze/hY","tlshash":"2373fa340036a458e5f3dc1330cd3d523c4da027aa8a9527e62f8aac5ee787787a5f75","first_seen":"2025-09-27T19:31:00.071648Z","last_seen":"2026-03-08T23:08:16.631002Z","times_seen":73,"resource_available":false,"data":null}},"time_used":651,"timings":{"blocked":155,"dns":0,"connect":0,"send":0,"wait":162,"receive":334,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:42.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 28 Jan 2026 04:30:42 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\ncf-ray: 9c4dc18aefdc23eb-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 543649\r\nexpires: Mon, 18 Jan 2027 04:30:42 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=GT1vOhHqzQaF6IVOLh%2BB%2B4mqWIlEFZfh5I4b%2BdvGloS7blLAlPWYydTCnYe4RDpFzOjRaOak1%2Fh8NnRokplFYPOTuOsdv%2FyTnAkbNOe6X%2B40Y2eeo835DbO1G7aNjjZwJTbia1O9\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-06-06T18:34:59.894634Z","times_seen":50882,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":10,"receive":2,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zf6q.vip/assets/page_header-BavpIdKa.css","fqdn":"zf6q.vip","domain":"zf6q.vip","tld":"vip"},"ip":{"addr":"47.251.100.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zf6q.vip/","date":"2026-01-28T04:30:43.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zf6q.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 09:59:59 GMT","end":"Thu, 16 Apr 2026 09:59:58 GMT"},"fingerprint":{"sha1":"F6:B5:62:EA:1A:2F:CA:10:32:94:ED:AD:70:A0:E3:4B:C1:0C:AB:93","sha256":"37:39:F7:F3:45:CA:0D:05:8F:BA:28:E0:13:19:EB:07:A6:19:55:4F:40:C0:D9:C5:4E:94:46:BA:5E:22:99:AD"}}},"request":{"raw":"GET /assets/page_header-BavpIdKa.css HTTP/1.1\r\nHost: zf6q.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zf6q.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 28 Jan 2026 04:30:43 GMT\r\nContent-Type: text/css\r\nContent-Length: 1241\r\nLast-Modified: Tue, 20 Jan 2026 12:12:11 GMT\r\nConnection: keep-alive\r\nETag: \"696f711b-4d9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1241,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1240)","md5":"90fb8b7b14dfd383bafdd233eb5ac3da","sha1":"c0f0c8ad1e1aea242312b13009ee84d13a11e697","sha256":"27b4b0a6d5113763c60af9b46dd862d7a0785dcdcad5ebf12be3230f97f326a4","sha512":"a40f1ac22707a5dc28539d6fb38aa008cd133f4c64a5ea09b578143ddecaab1d78ab070aa70cb5e68d8dc7e68528147a4684b1ed395e270d3716b8cde7d8ecbe","ssdeep":"","tlshash":"09219d5d63cd1c2cf563c17dd5af534810b03237c363c5b9848ba5198d678251b57dc6","first_seen":"2025-09-27T19:31:00.068652Z","last_seen":"2026-02-26T01:00:45.924658Z","times_seen":70,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-28","alert":"Phishing Block","trigger":"zf6q.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-28","alert":"Sinkholed","trigger":"zf6q.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}