{"report_id":"b8c7b69d-823e-4943-9682-db38b8cdf5a1","version":6,"status":"done","tags":[],"date":"2026-02-01T15:16:19Z","url":{"schema":"http","addr":"vv1877.cc/","fqdn":"vv1877.cc","domain":"vv1877.cc","tld":"cc"},"ip":{"addr":"20.24.208.61","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"title":"请进行安全验证(Security Verification)","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"vv1877.cc/","fqdn":"vv1877.cc","domain":"vv1877.cc","tld":"cc"},"ip":{"addr":"20.24.208.61","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-08T15:16:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"vv1877.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"vv1877.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"vv1877.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"vv1877.cc","ip":{"addr":"20.24.208.61","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":1,"received_data":503,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.vv6538.cc","ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-01-08","domain_rank":0,"first_seen":"2026-01-19T16:21:35.636844Z","last_seen":"2026-01-26T18:00:05.84022Z","alert_count":13,"request_count":13,"received_data":1024517,"sent_data":9890,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-04T02:02:25.009538Z","times_seen":203437,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-04T03:31:36.58835Z","times_seen":593558,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/init_waf_captcha.js","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a4f906f6d0bc4f524da8f60a5080604","sha1":"aa240afc8c0ea7d74d918c5cbb060ed33e83e60c","sha256":"352d869b1b88441a64238f78e3c500515c42fa76b334236c5e08c5a85066afd9","sha512":"3c7f95e9f47d82105a486884db6ac4a267d11ef46a7a4ffdc6d0c89319b641ec86efaf216683f889a3a03484dc53ff946a1073839b51e42789665d6015289dc3","ssdeep":"768:cHmWbgiWcjlYXLOCiVFRbvbIrN8ilFm1XQmx8EQ8ifLLyEZWrRNE1SyVb0n+Miw8:rFNWcEzkNISMa","tlshash":"07f24140b3d1fc86039b9736332b71e1e82e49aa75980c8ee101fcd0f5ed91ad9e9671","size":37251,"data":"","first_seen":"2025-08-28T13:39:19.039339Z","last_seen":"2026-04-03T23:52:05.929895Z","times_seen":263,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/LAB.js?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"37099778d1430ee4ea3b99d1b134fa60","sha1":"9d0615ff0ee0aa505dd0cae0f36ac002f260025d","sha256":"ef54cbf2d9d5e44594b1bc098bbab1062968d8a283bab94afb7ba0bf8127c537","sha512":"3f4d7b7d82455b4fab51c73d96820a81b64a3665e00694d14e70c5f43d6c097d8e3539f8341ed22195441dab57ba6c93cf0e80603c8206a715b736948b3b4c2e","ssdeep":"96:kT2UR6vUmYM31LBIw9F5rrJOMz6kZFLU3Me0ijK1:WppmYy1mwP5r0HaUS1","tlshash":"eeb1b7863d8eb1b9cbca3061583fd3057175f943ec45d5c0d29ae1d1a83ae68016feae","size":5494,"data":"","first_seen":"2023-03-12T10:58:20Z","last_seen":"2026-04-03T23:52:05.930897Z","times_seen":402,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"2512414f817df8312569d55032748f81","sha1":"13467df6e962aa77bb36867ff1412e1ba9f8feb1","sha256":"e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de","sha512":"db6e4298746d519b0987bfa0feb89c39315718e178418e482b1c10c76439eae343afabf2db35ffaaa26c7ee6a3855084d39e9b88d35b11f87c354ceaf38874a0","ssdeep":"","tlshash":"a590029525c25101965295d4455b5c8450658675249569809180956259550205125cbc","size":47,"data":"","first_seen":"2023-04-11T22:25:25Z","last_seen":"2026-04-04T01:29:39.546998Z","times_seen":19198,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"vv1877.cc/","fqdn":"vv1877.cc","domain":"vv1877.cc","tld":"cc"},"ip":{"addr":"20.24.208.61","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-01T15:15:55.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vv1877.cc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Wed, 04 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DA:4C:5B:5C:BD:31:AA:78:C9:21:1F:A7:57:AE:B0:D7:C5:76:2B:D3","sha256":"63:C8:28:A9:1C:4E:84:FB:3A:A6:DE:54:B7:1D:FD:30:8D:CE:D6:DA:10:E6:07:26:F3:21:3A:38:FA:63:9D:97"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: vv1877.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Sun, 01 Feb 2026 15:15:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: https://www.vv6538.cc/?id=372639792\r\nexpires: Sun, 01 Feb 2026 15:06:31 GMT\r\ncache-control: no-cache, max-age=0, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T03:31:09.46171Z","times_seen":13315120,"resource_available":true,"data":null}},"time_used":2646,"timings":{"blocked":1172,"dns":531,"connect":202,"send":0,"wait":302,"receive":0,"ssl":435},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"vv1877.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-01","alert":"Phishing Block","trigger":"vv1877.cc","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"vv1877.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-01T15:15:58.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /?id=372639792 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 521 No Reason Phrase\r\ndate: Sun, 01 Feb 2026 15:15:58 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache, no-store\r\ncontent-encoding: gzip\r\ncontent-length: 16260\r\nstrict-transport-security: max-age=31536000; preload\r\nx-request-id: 1fbac819571d23178e33092b324f3884\r\nserver: ****\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"521","status_text":"No Reason Phrase","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25597,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (23159), with CRLF line terminators","md5":"8bcb748957e1764bc437d6fc7a50e7dd","sha1":"946608176eb082ad8d2af857ea4e62ea5f4953b6","sha256":"e247dedc842b809d1b0907f4db5cd9fad8053bda392609e4fd7ace2ce5c4a9ec","sha512":"3ec6a1f62d3c63502bd725bcf2c836119f85d0fffa599f9826deae63bb11d4aeccaf0929341c11ee5f54010bbcb58d8c4b95422770d731f8adc710aaafe4aca4","ssdeep":"384:lbXHd+/tYSUM1GEgMPl2vB0WHJ5Ore9NpUr3iq/PJXbGCQsnC/MdKBASzi:R90tlcMPl2vVJ/9MrzPJXbrQsnBGzi","tlshash":"f6b25c33468a6b293f73e5807916316aed5aa4dfa3435654f4cd32e38fe1a42cd5a8c0","first_seen":"2025-08-28T13:39:19.021468Z","last_seen":"2026-04-03T23:52:05.929297Z","times_seen":263,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":278,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/init_waf_captcha.js","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:15:58.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/js/init_waf_captcha.js HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:15:58 GMT\r\ncontent-type: application/javascript\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-9183\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37251,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37251), with no line terminators","md5":"9a4f906f6d0bc4f524da8f60a5080604","sha1":"aa240afc8c0ea7d74d918c5cbb060ed33e83e60c","sha256":"352d869b1b88441a64238f78e3c500515c42fa76b334236c5e08c5a85066afd9","sha512":"3c7f95e9f47d82105a486884db6ac4a267d11ef46a7a4ffdc6d0c89319b641ec86efaf216683f889a3a03484dc53ff946a1073839b51e42789665d6015289dc3","ssdeep":"768:cHmWbgiWcjlYXLOCiVFRbvbIrN8ilFm1XQmx8EQ8ifLLyEZWrRNE1SyVb0n+Miw8:rFNWcEzkNISMa","tlshash":"07f24140b3d1fc86039b9736332b71e1e82e49aa75980c8ee101fcd0f5ed91ad9e9671","first_seen":"2025-08-28T13:39:19.039339Z","last_seen":"2026-04-03T23:52:05.929895Z","times_seen":263,"resource_available":true,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/css/captcha.css?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:15:58.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/css/captcha.css?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:15:58 GMT\r\ncontent-type: text/css\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-56e9\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":22249,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5606), with CRLF line terminators","md5":"43ed1139663e680802f9d9c68815341c","sha1":"328bcda0a79c53787a60669b862d78da1d499bfc","sha256":"2d187196b8b4cd5d2dde9194526dfbb950ebd35d8acfe095270f7a16ed3d319f","sha512":"4ec4f43ad6b5e02ee3e350135454176574004bca294608bf83d90d30e1fff1a4563f0a2a1bcabab0c77142f4998e7aef96992356bb19b40440ac8cffea9bbae2","ssdeep":"384:WFpCiHpMZMYC4rFQivpZMYC4rFQivRP4D+MYC4rFQivNWSnqkYhMHF:WFpCiHmfC4xFvpfC4xFvRPeuC4xFvBqK","tlshash":"90a23a379e0b6ccb6f7d3d90e69c2a411e48b5639a2b468cf949005881d992dff2d1bc","first_seen":"2025-08-28T13:39:19.024465Z","last_seen":"2026-04-03T23:52:05.930429Z","times_seen":264,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/layer/theme/default/layer.css?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:15:58.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/layer/theme/default/layer.css?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:15:58 GMT\r\ncontent-type: text/css\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-381f\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14367,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14367), with no line terminators","md5":"3d2e0d91c5c0b96abb8dbdc2234aba77","sha1":"9d55e153b30fd7414fada5718e20918e9c7f65e7","sha256":"e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc","sha512":"42bf3eff281998d088ce012b9a5910f72951c91715595572bb968fbfc5fa2b1cddacef3ca683a1734eb41114b302b6a4dad8b7432c5877b3563a080a2547ae05","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXiK6nMLPD2OtLzXyPHL/LztJDzyv2OQ7KGx1jyd2/SWz:1WmLr2OtSrzzt42OQ7KGx1jCWR2b+RcU","tlshash":"2e5221e144811299b0278721d6dc7eba32f88d43e5630daef257381f874c6dba2b6647","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-04-04T01:23:22.053653Z","times_seen":5842,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/favicon.ico","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:15:59.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 521 No Reason Phrase\r\ndate: Sun, 01 Feb 2026 15:15:59 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache, no-store\r\ncontent-encoding: gzip\r\ncontent-length: 16260\r\nstrict-transport-security: max-age=31536000; preload\r\nx-request-id: 2937c9e7df5d0728035e09014ed8127d\r\nserver: ****\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"521","status_text":"No Reason Phrase","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25597,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (23159), with CRLF line terminators","md5":"8bcb748957e1764bc437d6fc7a50e7dd","sha1":"946608176eb082ad8d2af857ea4e62ea5f4953b6","sha256":"e247dedc842b809d1b0907f4db5cd9fad8053bda392609e4fd7ace2ce5c4a9ec","sha512":"3ec6a1f62d3c63502bd725bcf2c836119f85d0fffa599f9826deae63bb11d4aeccaf0929341c11ee5f54010bbcb58d8c4b95422770d731f8adc710aaafe4aca4","ssdeep":"384:lbXHd+/tYSUM1GEgMPl2vB0WHJ5Ore9NpUr3iq/PJXbGCQsnC/MdKBASzi:R90tlcMPl2vVJ/9MrzPJXbrQsnBGzi","tlshash":"f6b25c33468a6b293f73e5807916316aed5aa4dfa3435654f4cd32e38fe1a42cd5a8c0","first_seen":"2025-08-28T13:39:19.021468Z","last_seen":"2026-04-03T23:52:05.929297Z","times_seen":263,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":287,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/captcha/vendor.js?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:15:59.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/js/captcha/vendor.js?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:15:59 GMT\r\ncontent-type: application/javascript\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-58e44\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":364100,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (36185), with CRLF line terminators","md5":"d579110821d5e4bcb62aa7936b61acf3","sha1":"76d6ee2e7dc87857bae01e71fcdb05d8d1a33a38","sha256":"2856a9231d2b334d96facfecd1e5fc9b282f0a9a6e50c4be89d73cbc9f1e07e5","sha512":"cf03979cea5ea64cd51733e65e0c2031673b4ef0a02bc8564224923c2896ed8891821657b7314f88a9d725aeeedec8866a43b1674c7b0e208f382755a55a7765","ssdeep":"6144:MUBtLf6Bjk/7L6xtkQV0eLFL0zEOQR+iLa98Hrc:/cZvBV9Oo+iC","tlshash":"09743dc472d2b052c3db60a6272f7446f03ab89a54889c55f258e9d87c78d4bd13bfb8","first_seen":"2025-08-28T13:39:19.036303Z","last_seen":"2026-04-03T23:52:05.93191Z","times_seen":263,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":356,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/captcha/app.js?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:15:59.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/js/captcha/app.js?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:15:59 GMT\r\ncontent-type: application/javascript\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-775f6\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":488950,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6287fa0dac8ec2b9c41d2b2c3ee88963","sha1":"24a54aa9c14024cefbc8ddde6d97e75ad5c2dd73","sha256":"cabe60e28723988be9da0dcdffa01ad4db25afedb7abb2b7a7970acc6f3ee5e9","sha512":"befe0e713d72aa31e091d44f047aa860134bccc0f11b4ed4d953a8585a9cf6b8e2a06965c15928d96abb708436c342dc9fc01f43ca77a4ee3f28c27f67876bbc","ssdeep":"12288:j7xoVcmbGnWkHejXYCLb0atMAJYLzNdGqw06iwUKKvZxD8t9S/mtPIfY16/PIvzT:jO2mvkHerYCLb0aZJYLzNdGqw06iLKKY","tlshash":"43a46281b7c1fc4102175b76731a72f5f97ad9a9f488849ef001bda0f0e9913eae5272","first_seen":"2025-08-28T13:39:19.030011Z","last_seen":"2026-04-03T23:52:05.932434Z","times_seen":262,"resource_available":true,"data":null}},"time_used":741,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":741,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/?id=372639792","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-01T15:15:56.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /?id=372639792 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 521 No Reason Phrase\r\ndate: Sun, 01 Feb 2026 15:15:57 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache, no-store\r\nset-cookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4; Max-Age=300; Path=/; HttpOnly\r\nstrict-transport-security: max-age=31536000; preload\r\nx-request-id: 7e4d35ead8731ba6664657be561991cd\r\nserver: ****\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"521","status_text":"No Reason Phrase","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"cb7dcd334327d9a355753a28eb4d119b","sha1":"51f8a7c76b9b216860e57d3b48d8c1850a9e5a4a","sha256":"491f0ac4341e58cf7aa27b9bfd64927c98f206a27e025aae1053e76848c1d1e2","sha512":"4f25ee783f345fb57f1baaa3b4e964ac37bc4415c2bb3210ac302cd983e798c80a7aaa6f17205d15bd893fc62b559967b4ddc776f3d2dff2005365b8a1d2ad99","ssdeep":"","tlshash":"89b012f05c10c4ac34b108c278f2f78c7c3490702403f404a0cc51142400b8ecf06c99","first_seen":"2025-10-21T05:54:48.942083Z","last_seen":"2026-04-03T23:52:05.933378Z","times_seen":261,"resource_available":true,"data":null}},"time_used":2038,"timings":{"blocked":914,"dns":482,"connect":209,"send":0,"wait":210,"receive":0,"ssl":218},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/js/LAB.js?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:15:58.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/js/LAB.js?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:15:58 GMT\r\ncontent-type: application/javascript\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-1576\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":5494,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5389), with CRLF line terminators","md5":"37099778d1430ee4ea3b99d1b134fa60","sha1":"9d0615ff0ee0aa505dd0cae0f36ac002f260025d","sha256":"ef54cbf2d9d5e44594b1bc098bbab1062968d8a283bab94afb7ba0bf8127c537","sha512":"3f4d7b7d82455b4fab51c73d96820a81b64a3665e00694d14e70c5f43d6c097d8e3539f8341ed22195441dab57ba6c93cf0e80603c8206a715b736948b3b4c2e","ssdeep":"96:kT2UR6vUmYM31LBIw9F5rrJOMz6kZFLU3Me0ijK1:WppmYy1mwP5r0HaUS1","tlshash":"eeb1b7863d8eb1b9cbca3061583fd3057175f943ec45d5c0d29ae1d1a83ae68016feae","first_seen":"2023-03-12T10:58:20Z","last_seen":"2026-04-03T23:52:05.930897Z","times_seen":402,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/layer/layer.js?v=202111","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:15:59.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/layer/layer.js?v=202111 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:15:59 GMT\r\ncontent-type: application/javascript\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-5665\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22117,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22020), with CRLF line terminators","md5":"47db0e57d73194c6a41bab5b4d55e860","sha1":"9db378fa8d56979e86519f483993486dc476902b","sha256":"69025fc1818313fb94c9ca4975c6a45e8385a6fd0ab9d0c60c0ac93cd997566e","sha512":"851e8630a4e631b332027850905245cb68ea56fddab22a8b7504bb4689c1a26b955ddf1b0ef23d1b1a0ecd83d668e115c9e10caf823029046a97a9f7b5c858b7","ssdeep":"384:N1xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:N1EiV3i+WtXItqF13k8","tlshash":"85a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","first_seen":"2023-04-07T19:23:28Z","last_seen":"2026-04-04T01:23:21.984812Z","times_seen":1046,"resource_available":true,"data":null}},"time_used":726,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":726,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/v3/static/layer/theme/default/layer.css?v=3.1.1","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:16:04.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/v3/static/layer/theme/default/layer.css?v=3.1.1 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:16:05 GMT\r\ncontent-type: text/css\r\nserver: openresty/1.19.9.1\r\nlast-modified: Fri, 19 Nov 2021 09:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61977206-381f\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":14367,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14367), with no line terminators","md5":"3d2e0d91c5c0b96abb8dbdc2234aba77","sha1":"9d55e153b30fd7414fada5718e20918e9c7f65e7","sha256":"e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc","sha512":"42bf3eff281998d088ce012b9a5910f72951c91715595572bb968fbfc5fa2b1cddacef3ca683a1734eb41114b302b6a4dad8b7432c5877b3563a080a2547ae05","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXiK6nMLPD2OtLzXyPHL/LztJDzyv2OQ7KGx1jyd2/SWz:1WmLr2OtSrzzt42OQ7KGx1jCWR2b+RcU","tlshash":"2e5221e144811299b0278721d6dc7eba32f88d43e5630daef257381f874c6dba2b6647","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-04-04T01:23:22.053653Z","times_seen":5842,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/JsonpConvert/v3/jsonp?callback=callback_1769958965571\u0026fpv=H4sIAAAAAAAAA0srKAMAf8NCJQMAAAA%3D\u0026type=H4sIAAAAAAAAAysoTcoGAM5k6pUEAAAA\u0026wlocation=H4sIAAAAAAAAA1WNzQ6CMBCEX6XpSRPtD7XFQozxoie9qPFMoEIjUAIFjMZ3d%2FFmsplkv9mdeePCdR5HeBxHMgxKijVJU7zARWvugAvvmy6i9M%2BmW5ttRBgooUMdwHHfmXaXm3oKOrqXLcuESsLQ7GbrzI0dOl0QZ4TFCIBaxeg5STtEXKwIm6ODSR%2BOBowzGI72Fsrdk%2F5ciG%2FKxN9dW0E6%2FIupsUzqvE9yA8jUy%2BsZkLcVrDxUWsu1VlLK4PMFnDzx1N8AAAA%3D\u0026_=1769958964881","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:16:05.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/JsonpConvert/v3/jsonp?callback=callback_1769958965571\u0026fpv=H4sIAAAAAAAAA0srKAMAf8NCJQMAAAA%3D\u0026type=H4sIAAAAAAAAAysoTcoGAM5k6pUEAAAA\u0026wlocation=H4sIAAAAAAAAA1WNzQ6CMBCEX6XpSRPtD7XFQozxoie9qPFMoEIjUAIFjMZ3d%2FFmsplkv9mdeePCdR5HeBxHMgxKijVJU7zARWvugAvvmy6i9M%2BmW5ttRBgooUMdwHHfmXaXm3oKOrqXLcuESsLQ7GbrzI0dOl0QZ4TFCIBaxeg5STtEXKwIm6ODSR%2BOBowzGI72Fsrdk%2F5ciG%2FKxN9dW0E6%2FIupsUzqvE9yA8jUy%2BsZkLcVrDxUWsu1VlLK4PMFnDzx1N8AAAA%3D\u0026_=1769958964881 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Req-Token: 51f517e02198f18cafa6353b2c39220f\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:16:05 GMT\r\ncontent-type: text/plain;charset=utf-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":344,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (344), with no line terminators","md5":"74a3f35f7288b5bc51dd57adfc6d8dad","sha1":"898c5d60ca0c29148ea4ad692227eccb126ffd3c","sha256":"1debe590c2435d31fc2becb70cceb8d180920fac52f6f95253cbd1058222506c","sha512":"e5b875583567cb5b324dbfd4e2a762732a79e9584b4a54995dee3d0c63458aac206c479c9c33942374463ecf6cb8240cbd7753921b2d205b9700b62f88fa5ba2","ssdeep":"","tlshash":"b3e0c6b02a93c8c9aa0aba8a3879818e4f1a0d833f8cd80613708e0609259600328306","first_seen":"2026-02-01T15:16:26.048603Z","last_seen":"2026-02-01T15:16:26.048603Z","times_seen":1,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.vv6538.cc/waf_captcha_verify/JsonpConvert/v3/jsonp?callback=callback_1769958965783\u0026fpv=H4sIAAAAAAAAA0srKAMAf8NCJQMAAAA%3D\u0026level=H4sIAAAAAAAAAyvOyUxJjS8zAgDYAQiSCAAAAA%3D%3D\u0026type=H4sIAAAAAAAAAytJzS3ISSxJBQCDH2CXCAAAAA%3D%3D\u0026wlocation=H4sIAAAAAAAAA1WNzQ6CMBCEX6XpSRPtD7XFQozxoie9qPFMoEIjUAIFjMZ3d%2FFmsplkv9mdeePCdR5HeBxHMgxKijVJU7zARWvugAvvmy6i9M%2BmW5ttRBgooUMdwHHfmXaXm3oKOrqXLcuESsLQ7GbrzI0dOl0QZ4TFCIBaxeg5STtEXKwIm6ODSR%2BOBowzGI72Fsrdk%2F5ciG%2FKxN9dW0E6%2FIupsUzqvE9yA8jUy%2BsZkLcVrDxUWsu1VlLK4PMFnDzx1N8AAAA%3D\u0026captcha_protect=H4sIAAAAAAAAAxWTR7KDRgAFD8QCRBqx8IIhp5HIYeMCRM4IRDi9vy%252FQ9apfdZn23yJP5y2v03%252FnddqKfGOeyfMzXxYVvAPmwBsguarlvKXyw2CZRpxIFoRz3ida%252B1TKh52MM3ZFubQuj2yam1xGfp5%252FvSnUIvjY8lCPbmdxnk%252Bai4pIjCf67GmdotA9ABELJ3i0nLFEs0XRpK15vXBlZHL1Nr0GckeYyDhOXcRH6nu54VKyvQReBliu4hSprctZAZaxVbcE3Xy%252FC7EZRVTbCrzSXnsVucW2EGDYLPqL3tX%252BAJZe4oejEQdXxPgLr1xHOzxhdAwKraYdO7FM%252B7VREExZWLB43kgJ26pjNBviys5aWt5zKoxpvO3GOmlIRkh3OuCT07q5xUED2Vh8culmT2ATxThbYKx%252FUszt5SniH45vuwyDywQiLqeB2NsYHBB7FOf%252B2diipri44VZMYWycyEwfX%252B6SPu4mn34wCrVi9F7q9Avtbk%252BC0lm4KjQcXXrU%252FcAEH70YXKYkyZAUg4R2fy2MCLcUu3ZLpEeWYjCtxy3pjlX4%252BxBJ4JxMYg2G6qyuoec7%252F7m%252FHr6X2%252FQMFTnFwBzvxe%252BxRTGbchmyavahu9%252F3ScIqaaK0ujOpOR7xq0EeiL5E6ZHlRVrOkF5Rk0y2tKjy1J5epgVQvg5EjEbLl7tNm9dHOiBHo%252FUljTp1IjxA6k8gHJHBHPZNlpL4UcDjpaC%252FbZLOle0qja58qJNMVfgOmxcyLBNYGApmXhVNd5jeAXaR1HaEg2%252F0B47gh1CP0ObAdvlYH8aa5nL2YMzEk92pMlH54zMViLtg7S3IEgM9lzpKQnbm099wwt%252BUqlpwtlQx2Ih6Jv0apXRnoOhL8eE17fghHgC81dUybDmyqE4VsoVX%252BgoeZYZxyeGR2n2DRSBMHU8oPVBLwB2OEdl5sYxCmc8C%252F1jdzAza4Of4TJXdpGjE31MYrfgWB9hrmQaxwP7pI6FsTHwr%252F4vxEXD4C%252FXPbKeqd1dgySpi%252BGvLUudIBmATy7ikYdD2lmmzsMidFts07EyA42HbyJry%252FYv1c3naCSNMSPkrQf5da9ztivFc5gkAXvTC39hHff1evt5OrsroO1AjlEZ5v%252FGLVC9Mh2mqdJVhBSl8h3jHh90%252F%252FwErBeT2QAQAAA%253D%253D\u0026originalImage=H4sIAAAAAAAAA0tLzClOBQAwaM0rBQAAAA%3D%3D\u0026_=1769958964882","fqdn":"www.vv6538.cc","domain":"vv6538.cc","tld":"cc"},"ip":{"addr":"171.22.195.161","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.vv6538.cc/?id=372639792","date":"2026-02-01T15:16:05.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vv6538.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 10:25:52 GMT","end":"Sun, 19 Apr 2026 10:25:51 GMT"},"fingerprint":{"sha1":"C1:23:AA:01:04:3B:AD:05:F2:1D:5C:5C:95:03:EF:FE:33:3B:67:8D","sha256":"43:3D:7D:DE:45:69:BC:67:25:1A:CD:B9:08:CF:A4:4F:64:CB:74:DB:AB:C4:06:02:78:FF:B0:3D:D2:A6:0F:84"}}},"request":{"raw":"GET /waf_captcha_verify/JsonpConvert/v3/jsonp?callback=callback_1769958965783\u0026fpv=H4sIAAAAAAAAA0srKAMAf8NCJQMAAAA%3D\u0026level=H4sIAAAAAAAAAyvOyUxJjS8zAgDYAQiSCAAAAA%3D%3D\u0026type=H4sIAAAAAAAAAytJzS3ISSxJBQCDH2CXCAAAAA%3D%3D\u0026wlocation=H4sIAAAAAAAAA1WNzQ6CMBCEX6XpSRPtD7XFQozxoie9qPFMoEIjUAIFjMZ3d%2FFmsplkv9mdeePCdR5HeBxHMgxKijVJU7zARWvugAvvmy6i9M%2BmW5ttRBgooUMdwHHfmXaXm3oKOrqXLcuESsLQ7GbrzI0dOl0QZ4TFCIBaxeg5STtEXKwIm6ODSR%2BOBowzGI72Fsrdk%2F5ciG%2FKxN9dW0E6%2FIupsUzqvE9yA8jUy%2BsZkLcVrDxUWsu1VlLK4PMFnDzx1N8AAAA%3D\u0026captcha_protect=H4sIAAAAAAAAAxWTR7KDRgAFD8QCRBqx8IIhp5HIYeMCRM4IRDi9vy%252FQ9apfdZn23yJP5y2v03%252FnddqKfGOeyfMzXxYVvAPmwBsguarlvKXyw2CZRpxIFoRz3ida%252B1TKh52MM3ZFubQuj2yam1xGfp5%252FvSnUIvjY8lCPbmdxnk%252Bai4pIjCf67GmdotA9ABELJ3i0nLFEs0XRpK15vXBlZHL1Nr0GckeYyDhOXcRH6nu54VKyvQReBliu4hSprctZAZaxVbcE3Xy%252FC7EZRVTbCrzSXnsVucW2EGDYLPqL3tX%252BAJZe4oejEQdXxPgLr1xHOzxhdAwKraYdO7FM%252B7VREExZWLB43kgJ26pjNBviys5aWt5zKoxpvO3GOmlIRkh3OuCT07q5xUED2Vh8culmT2ATxThbYKx%252FUszt5SniH45vuwyDywQiLqeB2NsYHBB7FOf%252B2diipri44VZMYWycyEwfX%252B6SPu4mn34wCrVi9F7q9Avtbk%252BC0lm4KjQcXXrU%252FcAEH70YXKYkyZAUg4R2fy2MCLcUu3ZLpEeWYjCtxy3pjlX4%252BxBJ4JxMYg2G6qyuoec7%252F7m%252FHr6X2%252FQMFTnFwBzvxe%252BxRTGbchmyavahu9%252F3ScIqaaK0ujOpOR7xq0EeiL5E6ZHlRVrOkF5Rk0y2tKjy1J5epgVQvg5EjEbLl7tNm9dHOiBHo%252FUljTp1IjxA6k8gHJHBHPZNlpL4UcDjpaC%252FbZLOle0qja58qJNMVfgOmxcyLBNYGApmXhVNd5jeAXaR1HaEg2%252F0B47gh1CP0ObAdvlYH8aa5nL2YMzEk92pMlH54zMViLtg7S3IEgM9lzpKQnbm099wwt%252BUqlpwtlQx2Ih6Jv0apXRnoOhL8eE17fghHgC81dUybDmyqE4VsoVX%252BgoeZYZxyeGR2n2DRSBMHU8oPVBLwB2OEdl5sYxCmc8C%252F1jdzAza4Of4TJXdpGjE31MYrfgWB9hrmQaxwP7pI6FsTHwr%252F4vxEXD4C%252FXPbKeqd1dgySpi%252BGvLUudIBmATy7ikYdD2lmmzsMidFts07EyA42HbyJry%252FYv1c3naCSNMSPkrQf5da9ztivFc5gkAXvTC39hHff1evt5OrsroO1AjlEZ5v%252FGLVC9Mh2mqdJVhBSl8h3jHh90%252F%252FwErBeT2QAQAAA%253D%253D\u0026originalImage=H4sIAAAAAAAAA0tLzClOBQAwaM0rBQAAAA%3D%3D\u0026_=1769958964882 HTTP/1.1\r\nHost: www.vv6538.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Req-Token: 0b727b01c2fc680fbc2d002f1aeb19f8\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.vv6538.cc/?id=372639792\r\nCookie: waf_captcha_marker=bb80a667f574cc95c2c99f17ed8c6363374579de8a6369304366e16e08493db4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:16:05 GMT\r\ncontent-type: text/plain;charset=utf-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":716,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (716), with no line terminators","md5":"49aedd7b077ee13eec7750f0cecc1339","sha1":"d001108e0ccd9a98a35bc2c465564ce7f23a0dee","sha256":"54758d9403136723c0c02a9649eb883f031457c57b97d6024fcd3cf8ccd57c26","sha512":"13eff100d32a25bc3deca12a7a6e22c5fef49f10279bc5fc3412cfd499f0b2b16c0059cf0fca2536c4495b5a6d20911429737833b80bd3ea8117542dd9cf2a32","ssdeep":"","tlshash":"7c01449cc43fa5391e8697172d130e5e3a0451db1f1c7999d3a801939d0987f2db07dd","first_seen":"2026-02-01T15:16:26.052482Z","last_seen":"2026-02-01T15:16:26.052482Z","times_seen":1,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"www.vv6538.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}