{"report_id":"dfcd8cc9-64c4-4a8d-8e7c-a69b347272e9","version":6,"status":"done","tags":[],"date":"2025-06-18T04:50:28Z","url":{"schema":"http","addr":"jiejie51-f511.cc/","fqdn":"jiejie51-f511.cc","domain":"jiejie51-f511.cc","tld":"cc"},"ip":{"addr":"14.128.63.99","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"ftl.jiejie51-f1344.cc/","fqdn":"ftl.jiejie51-f1344.cc","domain":"jiejie51-f1344.cc","tld":"cc"},"title":"ftl.jiejie51-f1344.cc/"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-27T04:50:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"jiejie51-f511.cc","ip":{"addr":"14.128.63.96","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2024-11-16","domain_rank":0,"first_seen":"2025-06-18T04:50:28.913473Z","last_seen":"2025-06-18T04:50:28.913473Z","alert_count":0,"request_count":1,"received_data":9703,"sent_data":485,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.jiejie51-f511.cc","ip":{"addr":"14.128.63.96","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2024-11-16","domain_rank":0,"first_seen":"2025-06-18T04:50:28.912351Z","last_seen":"2025-06-18T04:50:28.912351Z","alert_count":0,"request_count":1,"received_data":9797,"sent_data":489,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ftl.jiejie51-f1344.cc","ip":{"addr":"14.128.63.100","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2025-05-07","domain_rank":0,"first_seen":"2025-06-18T04:50:28.911265Z","last_seen":"2025-06-18T04:50:28.911265Z","alert_count":2,"request_count":2,"received_data":19991,"sent_data":939,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-18","alert":"Sinkholed","trigger":"jiejie51-f1344.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-18","alert":"Sinkholed","trigger":"jiejie51-f1344.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ftl.jiejie51-f1344.cc/","fqdn":"ftl.jiejie51-f1344.cc","domain":"jiejie51-f1344.cc","tld":"cc"},"ip":{"addr":"14.128.63.100","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"b489be17fe8262f4b8e5ebd528d20b05","sha1":"9c9f489400e39b696d8d26c0b3060b66279d3a1d","sha256":"ea86e91f7ec9256dd79fd19ac6bd61015a81e94bf4a985dc1014314731e419ee","sha512":"8ee15a79e3bc6f9f5bc9736d0378d52abe3a9c4d5ad8786b2d5edf73be5941c256829a109680bed0c64e19a3ee3acd376a19230fafcde7d1c308902c32c1cb3c","ssdeep":"","tlshash":"1031fedddea60586de47a9bca85e101c3632f11bc8d9860abc4d46c83fa193540fe7ec","size":1472,"data":"","first_seen":"2025-06-18T04:50:31.726964Z","last_seen":"2025-06-18T22:55:36.734932Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftl.jiejie51-f1344.cc/","fqdn":"ftl.jiejie51-f1344.cc","domain":"jiejie51-f1344.cc","tld":"cc"},"ip":{"addr":"14.128.63.100","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"7ace71ecbcdd8d321e6ce3b56feef8e8","sha1":"f7b21c066bcbca9273781e1b5361b5a9cf0f57eb","sha256":"4c0d5a716c1aaf3665c1cf583f62ab14578eeff687313d4a52db09f67bc27794","sha512":"ed11ec239d13a305e8c056f1c3e95b6cc79d2c24de8ae010aed6a32e56edee109d4a09254f20e98e98364ec7d0be4ea41c77546b408a64ee187581f90dc78861","ssdeep":"48:9UeS7wtJXrndUUzze0v7xWGunEiLiop32zfX/sBMQfBMQfBMQ7NWcW0qdh1w+ty6:hS6JHlFunBZ3uPO//edb1yIRjFh7oU","tlshash":"7c1267dd37315c9deca2a63ff45a7328e1948c13f94da0ad2e6a04006fc195ae1d939f","size":9402,"data":"","first_seen":"2025-06-18T04:50:31.727962Z","last_seen":"2025-06-18T04:50:31.727962Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftl.jiejie51-f1344.cc/","fqdn":"ftl.jiejie51-f1344.cc","domain":"jiejie51-f1344.cc","tld":"cc"},"ip":{"addr":"14.128.63.100","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"b203c21c3e00f104b7d1dd773bb918e6","sha1":"40e7acdf8b27d26803c65044785a6357eb787ffa","sha256":"16994b5ec01c385114087f7e744c592f19c8b1a1ad96b10c2abbdc6817b0a493","sha512":"d67eb0f43be402cb717cd75a6447f2d03f50eda987daac0bfbd2faf2004b45c3e538a3801741d124b2d331597aa16f6ced65c870da70c6a49da5d9fc04030a95","ssdeep":"","tlshash":"48e0dfdbec9a06b18e8b76b654b8474870308017dcc8c6003c1e89945f30cf2e09ebcc","size":411,"data":"","first_seen":"2024-12-28T18:34:15.591996Z","last_seen":"2025-07-03T02:55:23.443718Z","times_seen":1005,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftl.jiejie51-f1344.cc/","fqdn":"ftl.jiejie51-f1344.cc","domain":"jiejie51-f1344.cc","tld":"cc"},"ip":{"addr":"14.128.63.100","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb90f64a7adc636344bd6c9271de19ce","sha1":"57f15b19caefab99cce1a2a9ae158b68f09894a9","sha256":"5b803277364c8f9ba93336b0f11212ec1a4420b8be98dbb036b26d120cc532bb","sha512":"904233f5bff346df9a73c7ac82ec84756652eb4315af90d42b226767400d9c7d07e8c6d40039643fb9c16cb108734320212c855800a26018a43aaae057337010","ssdeep":"","tlshash":"34a00415c14513107303003010d1c3dc3f744013fc4115153f5f05400f40515c014444","size":64,"data":"","first_seen":"2024-12-28T18:34:15.599123Z","last_seen":"2025-07-03T02:55:23.442614Z","times_seen":1005,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"47fe8f1dd3bdb2860ab2298940d21fb3","sha1":"202487d4765dcb9bea8ecddc17d4c8f4acc6a557","sha256":"2a9f043c6ecc8e14b00397c19dfaf705bc2648d7939835e13f508e10ab8449c6","sha512":"abdaa7f4e961077654f8faa566e3c4703e86ca3a145366fa90c0d9b6bbe8ecc01b24e771007fac61fce7dbd35aecf940a00da0f94723d959c7f2031806acc525","ssdeep":"","tlshash":"3d613256d9f30446f657d86f6659a51a3b21f213088ace153f8c17b0afc54aa88f73cc","size":3187,"data":"","first_seen":"2025-06-18T04:50:31.72995Z","last_seen":"2025-06-18T04:50:31.72995Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"dfbecfe50178f6af93b441876b538e6a","sha1":"f9bd9519c861f0ed2403b8c4a261c98708268fdf","sha256":"2e3f6ecfe4e866744b49835cdeeebca84f0098555395c8bbe525c73c6fe72d33","sha512":"d9d3722e19c9c7a0181a3dacf19e0c3db8624b397f5db9b29671cba5a18371bd89b1ea095e039be15c89e8df21dfa8565ecd184ff9834d9b6259a7ac872d4c75","ssdeep":"","tlshash":"09600000ccf00000030c0003cc00000033c0000f0000000003030c0f03000c000c0000","size":12,"data":"","first_seen":"2025-06-18T04:48:08.806906Z","last_seen":"2025-06-18T23:04:25.386801Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"jiejie51-f511.cc/","fqdn":"jiejie51-f511.cc","domain":"jiejie51-f511.cc","tld":"cc"},"ip":{"addr":"14.128.63.96","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-18T04:50:06.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jiejie51-f511.cc","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 01 May 2025 12:29:58 GMT","end":"Wed, 30 Jul 2025 12:29:57 GMT"},"fingerprint":{"sha1":"63:F7:A9:23:B1:38:81:B4:5C:07:52:0A:B9:68:E3:89:BD:3A:99:D5","sha256":"84:A2:5B:AA:DA:55:62:98:7E:03:3C:15:79:42:E0:46:49:A8:6B:F0:0F:6C:7E:CC:DD:0F:07:81:1E:E5:C0:A9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: jiejie51-f511.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":119,"data":"dbName=emsadmin.nsf\u0026vName=va_LUKeywords\u0026fieldname=LoginPageheading\u0026vkey=ka_CompanyProfile\u0026ajaxArraySeparator=%24*%7D%5E"}},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ncontent-type: text/html\r\ndate: Wed, 18 Jun 2025 04:50:07 GMT\r\nlocation: https://www.jiejie51-f511.cc/\r\nserver: openresty\r\nx-cache: BYPASS\r\ncontent-length: 166\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":9434,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T01:09:43.978719Z","times_seen":16160175,"resource_available":true,"data":null}},"time_used":2069,"timings":{"blocked":882,"dns":1,"connect":301,"send":0,"wait":304,"receive":1,"ssl":575},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jiejie51-f511.cc/","fqdn":"www.jiejie51-f511.cc","domain":"jiejie51-f511.cc","tld":"cc"},"ip":{"addr":"14.128.63.96","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-18T04:50:07.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jiejie51-f511.cc","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 01 May 2025 12:29:58 GMT","end":"Wed, 30 Jul 2025 12:29:57 GMT"},"fingerprint":{"sha1":"63:F7:A9:23:B1:38:81:B4:5C:07:52:0A:B9:68:E3:89:BD:3A:99:D5","sha256":"84:A2:5B:AA:DA:55:62:98:7E:03:3C:15:79:42:E0:46:49:A8:6B:F0:0F:6C:7E:CC:DD:0F:07:81:1E:E5:C0:A9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.jiejie51-f511.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\naccess-control-allow-origin: \r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 18 Jun 2025 04:50:07 GMT\r\nlocation: https://ftl.jiejie51-f1344.cc/\r\nserver: openresty\r\nvary: Origin, Accept-Encoding\r\nx-cache: BYPASS\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 91\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":9434,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T01:09:43.978719Z","times_seen":16160175,"resource_available":true,"data":null}},"time_used":381,"timings":{"blocked":76,"dns":0,"connect":0,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftl.jiejie51-f1344.cc/","fqdn":"ftl.jiejie51-f1344.cc","domain":"jiejie51-f1344.cc","tld":"cc"},"ip":{"addr":"14.128.63.100","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-18T04:50:08.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jiejie51-f1344.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 May 2025 03:45:04 GMT","end":"Tue, 05 Aug 2025 03:45:03 GMT"},"fingerprint":{"sha1":"0F:D5:14:AC:55:20:68:FA:C6:EB:73:9E:88:05:E6:84:4E:82:47:C1","sha256":"E5:86:3E:3F:7A:BC:25:B3:24:AC:EA:8A:FB:75:36:14:D0:94:70:C0:1B:D4:BE:46:75:65:A8:28:96:CD:BB:55"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ftl.jiejie51-f1344.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":2459,"data":"e=37dfbd8ee84e00126feec537e846829a9225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674a8ad18a532c3e1dfd2c23578433dc63c151620370c755085867015a92ea3a4c77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebff079ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b226537a30ca946c75ca92560c2e4270045eaedd79652f53f2fd1b798eabf77a98e709241d78fea4f79d9077b9cfc248b5038e523d65cceb92a9e471d280f061856b4a95b98a260709b33a2ce8901c7abd8be4669314ab13a08e19de5d899a2e87676b849324d9668cc0bbe185fd9d6638ea3de4a9f02b4d26f982719ab05ea1071357821f18d092c39081bccb70c92090c6f5ab7eff5a7c3a8f3a64d6929c4124dbe431e443e99041907ca378504851cb76f14dd0c4ba74bd842ecc11ebcf849b6bce170468fe7f1a58794568ecaa23ec059b8cc964a19e44f39b2bd694c2f83dd7f0a81f283e98e71e1ce2e65a0b4ca7beb066a4269bea5cede832b37ca032974fd514d7ab34db1e3bf9af906e2322630b2d174114ace59071d400b759534428f9a852d8991c10e3bedfbba071c4ede0919aeafbb4121b2ef15587a8586986436719d562557672b00dcb3e58a6a39263db368a60fad67edfa41fda3e567532086e1282c1e3de3c795798194d92cd9eedb1a33a01fcb5cf0edcae291283aa00207bbdd4800233bd3584419e1de63f9910d9c91bffa43082dbc1aaee2123aa845c32c42ce6d1a2b704de2c62040fff055f42f3e7069de614d68bcf99109cfbd8605f731ee163c950fd0ceddf7b9c305f33156f3f6deb598f822f47f93291b5ff34c5dd0dd12131bd1b7f2d9cf4c34a07ac63ff8e0cc85872531bae312d9ebd882b98027c888f10a0dcc1eddf01891f472815ee657c04c982065da62eb6bdd3278ad3ef0e5960b028645142dd1d0ea3c5b255\u0026cri=jSLYyppGqP\u0026sf=0\u0026dc=SkJGXk45XklJE0leSUleSTgVDhcXXkk4SkxMXkk4SEhPSl5JOEpKT09eSThKSUpDXkk4SkpLTV5JOEpJSkxeSThKS0NCXkk4S15JOEpKXkk4SklNTl5JOEpJTU1eTj9dSEpGXkw5XklJDF5JSV5IOkpMSV5JOF5JSRNeSUleSDpPSV5JOF5JSRkkXklJXkg6Ql5MP11MSkZeTDleSUkIXklJXkg6S15JOF5JSRZeSUleSDpLXkk4XklJDF5JSV5IOkteSTheSUkZJF5JSV5IOkJeTD9dSk9KRl5MOV5JSQheSUleSDpKXkk4XklJGSReSUleSDpLXkw%2FXUpOQkZeTDleSUkeS15JSV5IOl5JSQhVHB4PORoPDx4JAl5JSxIIXklLFRQPXklLGl5JSx0OFRgPEhQVXklJXkk4XklJGSReSUleSDpLXkw%2FXUhJTUZeTjleTDleSUkZXklJXkg6S15JOF5JSQheSUleSDpeSUlKXklJXkw%2FXkk4Xkw5XklJGV5JSV5IOkteSTheSUkIXklJXkg6XklJSl5JSV5MP15OP11OSUtGXkw5XklJC15JSV5IOl5JSTcSFQ4DXklLA0NNJE1PXklJXkk4XklJF15JSV5IOl5OOV5JSR4VVi4oXklJXkk4XklJHhVeSUleTj9eSTheSUkTGF5JSV5IOk9DXkk4XklJGSReSUleSDpKSl5MP11DTE9GXkw5XklJCF5JSV5IOkheSTheSUkODQsaXklJXkg6S15JOF5JSRkkXklJXkg6S15MPw%3D%3D\u0026cp=1\u0026gtm=-\u0026gac=-\u0026tb=1\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=1000\u0026mo=0\u0026pn=2295\u0026spn=1293\u0026fp=524"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: \r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ncontent-encoding: gzip\r\ncontent-type: text/html;charset=utf-8\r\ndate: Wed, 18 Jun 2025 04:50:09 GMT\r\nserver: openresty\r\nvary: Origin, Accept-Encoding\r\nx-cache: BYPASS\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 1952\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9434,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (9434), with no line terminators","md5":"46535432008ec92c89da0d1b3cb4fddd","sha1":"a7500412351deea7bc9177517c4dab1d9e7d1676","sha256":"c593258b74fbe69c788be43ef33668282e2702bdc46d38c77525217afcaead5c","sha512":"9cb086050249648073f9205d4f7ddad96751bbdcf551da78a566d7bf7e0ed4ab18ffec973cd495f632e7f8f3d3b25333e8097c60aee1fd002e8f010bda6df969","ssdeep":"48:CUeS7wtJXrndUUzze0v7xWGunEiLiop32zfX/sBMQfBMQfBMQ7NWcW0qdh1w+tyy:AS6JHlFunBZ3uPO//edb1yIRjFh7os","tlshash":"601268dd37315c9deca2a63ff45a7328e1948c13f94da0ad2ea904006fc195ae1d939f","first_seen":"2025-06-18T04:50:31.725221Z","last_seen":"2025-06-18T04:50:31.725221Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3354,"timings":{"blocked":1528,"dns":52,"connect":293,"send":0,"wait":298,"receive":0,"ssl":1172},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-18","alert":"Sinkholed","trigger":"jiejie51-f1344.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ftl.jiejie51-f1344.cc/favicon.ico","fqdn":"ftl.jiejie51-f1344.cc","domain":"jiejie51-f1344.cc","tld":"cc"},"ip":{"addr":"14.128.63.100","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"","requested_by":"https://ftl.jiejie51-f1344.cc/","date":"2025-06-18T04:50:10.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jiejie51-f1344.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 May 2025 03:45:04 GMT","end":"Tue, 05 Aug 2025 03:45:03 GMT"},"fingerprint":{"sha1":"0F:D5:14:AC:55:20:68:FA:C6:EB:73:9E:88:05:E6:84:4E:82:47:C1","sha256":"E5:86:3E:3F:7A:BC:25:B3:24:AC:EA:8A:FB:75:36:14:D0:94:70:C0:1B:D4:BE:46:75:65:A8:28:96:CD:BB:55"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ftl.jiejie51-f1344.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ftl.jiejie51-f1344.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":118,"data":"dbName=emsadmin.nsf\u0026vName=va_LUKeywords\u0026fieldname=CompanyLogo1URL\u0026vkey=ka_CompanyProfile\u0026ajaxArraySeparator=%24*%7D%5E"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: \r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ncache-control: public, max-age=15552000, immutable\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Wed, 18 Jun 2025 04:10:30 GMT\r\netag: \"1750219831\"\r\nexpires: Mon, 15 Dec 2025 04:10:30 GMT\r\nlast-modified: Wed, 18 Jun 2025 04:10:31 GMT\r\nserver: openresty\r\nvary: Origin, Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nx-content-type-options: nosniff\r\nx-ua-compatible: IE=edge\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 9662\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9662,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"3331070cee004f8847884177ab747e20","sha1":"41f1edcbb7ee7fc352acd7890b755c1a36b05daa","sha256":"0b0bc70778f9a4f293440285444a35c6b02fe48ac0cd2b426227e490dae0492f","sha512":"0c77dc02aee7cfafb7f8184edb6a53122f6d694edacdc6a310028566f809cf9c3144eb507bb795f35bec8dcf20066a4fbb9412e0955775a60141b2057bf2e188","ssdeep":"96:9iALlQl0bl0Ml6tNUsl0mHxk0JjUwuRzVB65DyrMilbHArgB3zZ+e0eDAhFUhAzH:N+4UhkDM+Ftz94vzICC3UuZa","tlshash":"d2126046f2ce9401f85b59317604c3ffe42698c8daae884b3988defb5dad3578432647","first_seen":"2025-01-24T03:58:48.563186Z","last_seen":"2026-06-05T06:35:38.067915Z","times_seen":3662,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-18","alert":"Sinkholed","trigger":"jiejie51-f1344.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}