{"report_id":"b7b68bee-0368-48cc-af31-5865df005da2","version":6,"status":"done","tags":[],"date":"2026-06-03T12:23:38Z","url":{"schema":"http","addr":"206.189.84.116:8080","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"http","addr":"206.189.84.116:8080/","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"title":"C2 Enterprise Platform","dom":{"size":7712,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2074)","md5":"ea87eda21d5f98e0cfbb5c0e3638246a","sha1":"5cf2dca4b8cb70b49f7ca4b35e49cdb3d98f940b","sha256":"40ec7d83e0c7eee366b465703a95bf3b7c3cf30ce518da180de5aa317e98e7ca","sha512":"3177850fc91764258ab6c11c85446fd413e91914939919dd0bdea22f532b8a210154d0c415c5c2893f06e2fef8fdd45db762c45f03519be0f06636a38105afd1","ssdeep":"192:hbV7BGF92ZKjPVjEyM3MXMXMXM3MKMsMfM6MV8M/U/8MaY6MxczSGFMGnMdkj:hWF8sH8gggolHchEpMEzZcC/D2W","tlshash":"58f19ca054fa2077297384dbb5a69b272de0a553c76b151433fd0bb80fd2f81ee17428","dom_hash":"domhash88c2bb9363bebc4bd81bb1a04ad5ab85","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"206.189.84.116:8080","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-08T12:23:38Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-06-03T12:23:19Z","timestamp":1780489399,"ip_dst":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":54856,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"high","alert":"ET POLICY Outgoing Basic Auth Base64 HTTP Password detected unencrypted","source":"{\"timestamp\":\"2026-06-03T12:23:19.033111+0000\",\"flow_id\":624209553691887,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":54856,\"dest_ip\":\"206.189.84.116\",\"dest_port\":8080,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"http.dottedquadhost\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2006380,\"rev\":17,\"signature\":\"ET POLICY Outgoing Basic Auth Base64 HTTP Password detected unencrypted\",\"category\":\"Potential Corporate Privacy Violation\",\"severity\":1,\"metadata\":{\"confidence\":[\"Medium\"],\"created_at\":[\"2010_07_30\"],\"performance_impact\":[\"Significant\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_08_07\"]}},\"http\":{\"hostname\":\"206.189.84.116\",\"http_port\":8080,\"url\":\"/api/stats\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/json\",\"http_refer\":\"http://206.189.84.116:8080/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":103},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":690,\"bytes_toclient\":568,\"start\":\"2026-06-03T12:23:18.234735+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"206.189.84.116","ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":9,"received_data":95786,"sent_data":3516,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"206.189.84.116:8080/js/app.js","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ea7ca9fd83487d81851732cb32d1a2d","sha1":"7b7c7b9741a89febb4a318b38733b6045d2949cd","sha256":"ee1748a8a482b1f2f9824f122182e518d9449b9e9cdd528c07bcd47aa7622692","sha512":"4b25ad5aba1ca5abc018478a95ecc836ff2305beab01502627c0406f281613bf55a8d2f466135b5a0f192fa8c31cafbd3e48b0b24961d875b4658366e2430610","ssdeep":"","tlshash":"b831dc9e30f759318daf39af66d7861d3820a0232d939a65710c80509f90ee8a637fc8","size":1632,"data":"","first_seen":"2026-06-03T12:23:42.404765Z","last_seen":"2026-06-03T12:23:42.404765Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"206.189.84.116:8080/js/router.js","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"fff9ff794f3c7bc342903b9ad3b01316","sha1":"01886eaec2c5f128d7833e022831d4b6b10fe248","sha256":"b698199b4fa9c9d045805e404611d91feee16d7d532a76f6514980027f9b4b64","sha512":"7249431566fb2994b1a7e83f9c4c02492e0cec090063b1e2af22547c6a5bcea20707775457130aa2c65d444c9388129c1236102556de66dc6a46be520bb82786","ssdeep":"","tlshash":"4601b81e723b5430403322aef28f178d382a12072140a1497a5c9d900f829abae7bec6","size":745,"data":"","first_seen":"2026-06-03T12:23:42.416777Z","last_seen":"2026-06-03T12:23:42.416777Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"206.189.84.116:8080/js/pages.js","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"e210b6afcc705ce9eaa12cdbf24c52f9","sha1":"32a089a2953a4c98e35fb08bd07cb7a280b927ab","sha256":"f9053ee07009187d3f680ea9f66c97c601e0ae24272114fee0bd2e590ab82180","sha512":"0d3158dd81aebb3567624f6c6f5720cd7823d6c80c5234923518a0232dac3d96ccbf1470a73678629018e9f3b82ae2d28ee73f8b3b820a5fd3590a0cabc2a2f3","ssdeep":"768:Kz0vXCcfNG4n5PEw3fEB0fPXauasYIQsnyPEnLHtKZYun5YE+Jz/jkn:Kz0vXZNGyFEws+XaLsByPEnLGGz/jG","tlshash":"7f63fba0b0f6347a46b760f97257965e3da09503d90b8944ff5c92a15fc2fa0b833adc","size":70029,"data":"","first_seen":"2026-06-03T12:23:42.420031Z","last_seen":"2026-06-03T12:23:42.420031Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"206.189.84.116:8080/","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-03T12:23:17.094Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 206.189.84.116:8080\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Tue, 02 Jun 2026 08:07:15 GMT\r\nETag: W/\"1436-19e875f61d5\"\r\nContent-Type: text/html; charset=utf-8\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nDate: Wed, 03 Jun 2026 12:23:17 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":5174,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"8fdcf2c29c955751f319523b57bdc78e","sha1":"0161f1cd37e6138c1a9f6e0acee752f17d3b099c","sha256":"dc4200df6f0401091c2b06cd8714e10ce6cc4b83d353f1233d6d79398838d2b6","sha512":"b4204262425c232092a75ddbcb5caeae26979a5a41ff9c3d9b732e1d161d3737b8b0f54b4c17be348680d56420fe8539ee8b5c4598e7ee2d7df5a0b2526e4f6e","ssdeep":"48:FuScG1TbbWjcn0PCV4wOUo+DFT/MHoRnMMaT:gibV4CVHIToRnMMk","tlshash":"a2b1469098f5647712b2c0d7aafa6b776ee09913d5a9200072fe4e640febe41bd07835","first_seen":"2026-06-03T12:23:42.398486Z","last_seen":"2026-06-03T12:23:42.398486Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1165,"timings":{"blocked":379,"dns":0,"connect":384,"send":0,"wait":401,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"206.189.84.116:8080/css/style.css","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://206.189.84.116:8080/","date":"2026-06-03T12:23:17.989Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: 206.189.84.116:8080\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://206.189.84.116:8080/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 03 Jun 2026 09:23:42 GMT\r\nETag: W/\"316f-19e8ccbb96c\"\r\nContent-Type: text/css; charset=utf-8\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nDate: Wed, 03 Jun 2026 12:23:18 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":12655,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"assembler source, ASCII text","md5":"6cf26011cf42c887df9d5c092ab08865","sha1":"26c057027ebad6f55dc76891470a99f70098a78d","sha256":"ce462ebaf7d825397226ad3517313c7adca344981aff7e1e8f8f041c8279562a","sha512":"1770c817bcfe5087ece1cc879161a35a6b2ed686f3f72e16d7f13d3f1cf5243052b5dc73f71c3413007db47a34284b9e48f772ae24da4adcda09f26f82dc45ca","ssdeep":"192:4gjaVZ9NecrqV04OJNK9TeQ3oGCBT7prDqTBPRX3Jp+KV5MrPbqnZa+zEs:49becrqVoKwTwPRPs+","tlshash":"b8422122731521b6b853e7687bdae79b735cb2439414a73c7de41014cb8c7b81a7af88","first_seen":"2026-06-03T12:23:42.401519Z","last_seen":"2026-06-03T12:23:42.401519Z","times_seen":1,"resource_available":false,"data":null}},"time_used":406,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":406,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"206.189.84.116:8080/js/app.js","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://206.189.84.116:8080/","date":"2026-06-03T12:23:17.991Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/app.js HTTP/1.1\r\nHost: 206.189.84.116:8080\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://206.189.84.116:8080/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 03 Jun 2026 09:11:12 GMT\r\nETag: W/\"660-19e8cc04a31\"\r\nContent-Type: text/javascript; charset=utf-8\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nDate: Wed, 03 Jun 2026 12:23:18 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1632,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"9ea7ca9fd83487d81851732cb32d1a2d","sha1":"7b7c7b9741a89febb4a318b38733b6045d2949cd","sha256":"ee1748a8a482b1f2f9824f122182e518d9449b9e9cdd528c07bcd47aa7622692","sha512":"4b25ad5aba1ca5abc018478a95ecc836ff2305beab01502627c0406f281613bf55a8d2f466135b5a0f192fa8c31cafbd3e48b0b24961d875b4658366e2430610","ssdeep":"","tlshash":"b831dc9e30f759318daf39af66d7861d3820a0232d939a65710c80509f90ee8a637fc8","first_seen":"2026-06-03T12:23:42.404765Z","last_seen":"2026-06-03T12:23:42.404765Z","times_seen":1,"resource_available":true,"data":null}},"time_used":398,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":398,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"206.189.84.116:8080/api/stats","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://206.189.84.116:8080/","date":"2026-06-03T12:23:18.411Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/stats HTTP/1.1\r\nHost: 206.189.84.116:8080\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://206.189.84.116:8080/\r\nAuthorization: Basic YWRtaW46UEBzc3cwcmQxMjM=\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 103\r\nETag: W/\"67-ITB3Z2Vw49B1fNlwib4XBuWOclc\"\r\nVary: Accept-Encoding\r\nDate: Wed, 03 Jun 2026 12:23:18 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":103,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"297a72525887d235442c1260913d52a1","sha1":"213077676570e3d0757cd97089be1706e58e7257","sha256":"541714ee2065158b49f47004050669190a6f82ae679b59d2194e87eb8fdc48bb","sha512":"d03104ee45654d8ebd5bbb2200f19a50d4439bdf49cb60496a78fae60003f5a3b72414a278b521a60b41d1c9813b71d3edf0f9f8830a89adb8e2ac754376a23d","ssdeep":"","tlshash":"7db09248a2250a622ac6d060b0e43b2322e2203618413b5860f9a2001224d857442123","first_seen":"2026-06-03T12:23:42.407213Z","last_seen":"2026-06-03T12:23:42.407213Z","times_seen":1,"resource_available":false,"data":null}},"time_used":624,"timings":{"blocked":219,"dns":0,"connect":0,"send":0,"wait":404,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"ws","addr":"206.189.84.116:8080/","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"http://206.189.84.116:8080/","date":"2026-06-03T12:23:18.412Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 206.189.84.116:8080\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nSec-WebSocket-Version: 13\r\nOrigin: http://206.189.84.116:8080\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 1rtNO7pepBBA6UqHwOP8Kg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: lCNGchA1OLCWb300uClWmxjQEEE=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T23:58:53.74002Z","times_seen":16311883,"resource_available":true,"data":null}},"time_used":778,"timings":{"blocked":-1,"dns":0,"connect":380,"send":0,"wait":398,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"206.189.84.116:8080/api/stats","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://206.189.84.116:8080/","date":"2026-06-03T12:23:19.205Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/stats HTTP/1.1\r\nHost: 206.189.84.116:8080\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://206.189.84.116:8080/\r\nAuthorization: Basic YWRtaW46UEBzc3cwcmQxMjM=\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 103\r\nETag: W/\"67-ITB3Z2Vw49B1fNlwib4XBuWOclc\"\r\nVary: Accept-Encoding\r\nDate: Wed, 03 Jun 2026 12:23:19 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":103,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"297a72525887d235442c1260913d52a1","sha1":"213077676570e3d0757cd97089be1706e58e7257","sha256":"541714ee2065158b49f47004050669190a6f82ae679b59d2194e87eb8fdc48bb","sha512":"d03104ee45654d8ebd5bbb2200f19a50d4439bdf49cb60496a78fae60003f5a3b72414a278b521a60b41d1c9813b71d3edf0f9f8830a89adb8e2ac754376a23d","ssdeep":"","tlshash":"7db09248a2250a622ac6d060b0e43b2322e2203618413b5860f9a2001224d857442123","first_seen":"2026-06-03T12:23:42.407213Z","last_seen":"2026-06-03T12:23:42.407213Z","times_seen":1,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"206.189.84.116:8080/api/activity","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://206.189.84.116:8080/","date":"2026-06-03T12:23:19.614Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /api/activity HTTP/1.1\r\nHost: 206.189.84.116:8080\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://206.189.84.116:8080/\r\nAuthorization: Basic YWRtaW46UEBzc3cwcmQxMjM=\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nContent-Type: application/json; charset=utf-8\r\nETag: W/\"9ff-vMZru4IkZ8nduNSpg1Akip2dIB0\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nDate: Wed, 03 Jun 2026 12:23:19 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2559,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f6e74447e82d0dfbbbed5148a764ef99","sha1":"bcc66bbb822467c9ddb8d4a98350248a9d9d201d","sha256":"510e9b46b2510a73a2009ed588550984cb5fc9fcd1857e49a012fbdbbe53d211","sha512":"24d124e3fdcd3a33cd9ac5a7cf168cde5b66c90e9fd86b9a60ce775169023180944e991ab91397198c13f1b375df6de1a4286b1c2b3092867f38a85f352c08a5","ssdeep":"","tlshash":"d45184939735bdb89f8608efb4e3b09180e87065b58e5545a047faf8c211ab7073727a","first_seen":"2026-06-03T12:23:42.413599Z","last_seen":"2026-06-03T12:23:42.413599Z","times_seen":1,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":405,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"206.189.84.116:8080/js/router.js","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://206.189.84.116:8080/","date":"2026-06-03T12:23:17.993Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/router.js HTTP/1.1\r\nHost: 206.189.84.116:8080\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://206.189.84.116:8080/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 03 Jun 2026 09:11:14 GMT\r\nETag: W/\"2e9-19e8cc05033\"\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 745\r\nVary: Accept-Encoding\r\nDate: Wed, 03 Jun 2026 12:23:18 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":745,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text","md5":"fff9ff794f3c7bc342903b9ad3b01316","sha1":"01886eaec2c5f128d7833e022831d4b6b10fe248","sha256":"b698199b4fa9c9d045805e404611d91feee16d7d532a76f6514980027f9b4b64","sha512":"7249431566fb2994b1a7e83f9c4c02492e0cec090063b1e2af22547c6a5bcea20707775457130aa2c65d444c9388129c1236102556de66dc6a46be520bb82786","ssdeep":"","tlshash":"4601b81e723b5430403322aef28f178d382a12072140a1497a5c9d900f829abae7bec6","first_seen":"2026-06-03T12:23:42.416777Z","last_seen":"2026-06-03T12:23:42.416777Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1686,"timings":{"blocked":635,"dns":0,"connect":645,"send":0,"wait":406,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"206.189.84.116:8080/js/pages.js","fqdn":"206.189.84.116","domain":"206.189.84.116","tld":""},"ip":{"addr":"206.189.84.116","port":8080,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://206.189.84.116:8080/","date":"2026-06-03T12:23:17.995Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/pages.js HTTP/1.1\r\nHost: 206.189.84.116:8080\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://206.189.84.116:8080/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 03 Jun 2026 11:56:59 GMT\r\nETag: W/\"11195-19e8d580f42\"\r\nContent-Type: text/javascript; charset=utf-8\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nDate: Wed, 03 Jun 2026 12:23:18 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":70037,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (859)","md5":"e210b6afcc705ce9eaa12cdbf24c52f9","sha1":"32a089a2953a4c98e35fb08bd07cb7a280b927ab","sha256":"f9053ee07009187d3f680ea9f66c97c601e0ae24272114fee0bd2e590ab82180","sha512":"0d3158dd81aebb3567624f6c6f5720cd7823d6c80c5234923518a0232dac3d96ccbf1470a73678629018e9f3b82ae2d28ee73f8b3b820a5fd3590a0cabc2a2f3","ssdeep":"768:Kz0vXCcfNG4n5PEw3fEB0fPXauasYIQsnyPEnLHtKZYun5YE+Jz/jkn:Kz0vXZNGyFEws+XaLsByPEnLGGz/jG","tlshash":"7f63fba0b0f6347a46b760f97257965e3da09503d90b8944ff5c92a15fc2fa0b833adc","first_seen":"2026-06-03T12:23:42.420031Z","last_seen":"2026-06-03T12:23:42.420031Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1190,"timings":{"blocked":394,"dns":0,"connect":0,"send":0,"wait":390,"receive":406,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}