{"report_id":"e5f9148e-cc42-4f6e-b4be-9f70b78f85d9","version":6,"status":"done","tags":[],"date":"2025-05-10T20:32:42Z","url":{"schema":"https","addr":"tk-viponline.cc/www","fqdn":"tk-viponline.cc","domain":"tk-viponline.cc","tld":"cc"},"ip":{"addr":"156.245.210.82","port":0,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"tk-viponline.cc/www","fqdn":"tk-viponline.cc","domain":"tk-viponline.cc","tld":"cc"},"title":"VIP"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-19T20:32:42Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"tktyshiioopre.sbs","ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":12,"request_count":12,"received_data":6606252,"sent_data":5637,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-05-07T15:08:31.297992Z","alert_count":0,"request_count":1,"received_data":285905,"sent_data":441,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sf16-website-login.neutral.ttwstatic.com","ip":{"addr":"23.36.76.163","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2021-11-05","domain_rank":0,"first_seen":"2022-12-12T15:40:21Z","last_seen":"2025-05-09T17:28:36.724687Z","alert_count":0,"request_count":2,"received_data":116345,"sent_data":1177,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mon.tiktokv.com","ip":{"addr":"95.101.10.26","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2017-09-20","domain_rank":1924,"first_seen":"2019-03-20T13:59:02Z","last_seen":"2025-05-09T20:06:37.021573Z","alert_count":0,"request_count":2,"received_data":2804,"sent_data":1106,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tk-viponline.cc","ip":{"addr":"156.245.210.82","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":3,"received_data":12716,"sent_data":1482,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tktyshiioopre.sbs/www/","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-04-04T12:49:06.45346Z","times_seen":29561,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/www/js/index-c0807226.js","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fca6dfa46c1f413e586b5e6efc31d5b","sha1":"f4580ad78a7bef77a85a49dce5d2c819484f95fb","sha256":"13ed87a70d74f4552e9c88a65635b0f948b24485b9eba5a3e975bd310c45b6a6","sha512":"5c4234f183e42402092e07df6673c5b30a932c5474c7dc4ff77c8b7cbc5a232e57140e88e4bbbbdfd2cdd59bd2ca14d7401020facadc07e708c1f5f914d4f7c0","ssdeep":"49152:eAQapiSzb19NCZ04+OzDKtYZ4mFKVzrhDR7CIHtdXU0MLLh7N/Dxj/tcUeoSc1XN:3Yd","tlshash":"ec1671ac67bab2488a48e0d7ec333d8d8c44d9859017d2f74fbd5ab39391301da5af16","size":4264702,"data":"","first_seen":"2025-05-10T20:32:49.021084Z","last_seen":"2025-05-10T20:32:49.021084Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"d9ab7cd1260de76da9cd7dde87c1d871","sha1":"f5ed4fb5745a46d9ec4a374e07e932fd214d1324","sha256":"b104726dde5e39d3e84041b05afa320a67473bc3fb2dd673d306e206a742aef7","sha512":"ad9dad72cc4f79d2490cf6354b98c4eed483710ba59df661617309d97e7d46a8d4bb678d2765f468cddee9754772e76594c81708f6e629cee69a1a41f7e991d0","ssdeep":"","tlshash":"1ec0121b9f18527b27788825131ba90205dc29d25b911a11c0da098c11d13b61905956","size":190,"data":"","first_seen":"2025-04-25T08:54:28.119659Z","last_seen":"2026-02-08T16:47:27.438562Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"12e87d2f3a4c8b347ab13a0764d420a3","sha1":"4be715e11048c057fdf2ee0fbbfad4dbf3504c55","sha256":"78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe","sha512":"fa4d699e582de05d47f0beeddf3f79a37fca3bea3bf083447174db9e8250fc5d95a835615a86a256697f3841eff47b1583151a556f886e264f50941f17f63167","ssdeep":"6144:gwsmYhct1SS+TC1lmhTzeKRYcYmD2zK8USJsdZQ/coLGVFyy/RgL/uiOgeNTIPfz:FuYcYmD4/cZQ/coLGVFyCJTiPf7AqqAV","tlshash":"e954a3d8f78d112e423231aaad2e12cdbb7dd171561454aefd4d497c24a083c83baf7a","size":285314,"data":"","first_seen":"2023-09-15T16:51:13Z","last_seen":"2026-04-04T11:32:29.918242Z","times_seen":15945,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/www/","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-04-04T12:49:06.454351Z","times_seen":33486,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"edce5f92435f38cf5405007029da0e86","sha1":"b4d52fa1b4d15ffffffcd68e165b8b20c05eb80d","sha256":"a822fa3284b12578f8f881df5d57d269d2f6120c042075e8719edc8e5aadc6eb","sha512":"3ad0f442c142f0d40a68a0f0829087f7c5a98b06a6b4742dedfff4f26d218b43c6d0c27a21420b39322438484e7e43e6a64b5a107a924fa9dab65f42e745320b","ssdeep":"","tlshash":"92a022020f32c022bcb022300b83ae08f303303c30e0cc22b02e08e8b2c0323a2cc08b","size":79,"data":"","first_seen":"2025-04-25T08:54:28.120885Z","last_seen":"2026-02-08T16:47:27.439466Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/index/index.js.%E4%B8%8B%E8%BC%89","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"24ae72b0820606486469c4c6a8f79989","sha1":"4fbb73b7054636f3475a429234b83f3b7697d020","sha256":"1af1de4e9c9ae430f515ff8df3e2277ec6b3654b25430b827c090fe5d708c8a0","sha512":"ab8dbb743e63d76776a6683429570617ccd58df2b816f4181386882d4c68d8e39c6a0a2d21b146ec7516e3890ff81cc76ca198ca9beb660d5b1bb803edf0f60c","ssdeep":"768:oSCRKEIyQY5dWkWU4ttZxigSEsCXCaCWEl2DJjmdSLsWWsSup3f2+jGAOrPqZAkN:Y5dWhtzrIt+Gs3fEAOzqZA0s0qZAnZV","tlshash":"bf73e8d7b195b06147a365e4a43f260ff23b780aaec5c0d2d212d6d42c6c7d6a122fed","size":75627,"data":"","first_seen":"2024-06-21T10:24:22Z","last_seen":"2025-07-03T13:59:36.063851Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/index/core.js?globalName=__PNS_RUNTIME__","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6afc79ed41b94db124a33943375bae0d","sha1":"191f08f8685ddf76a7d2638e813f7b236d64545c","sha256":"c0d3d9afcffaaad82ff7767e52341eaf637ee8bca5e36900adba773dc1e6597e","sha512":"d4aae781d57e863704de243a23afdbae735580f1e7adfcdab33feadca59749c24cab7f003e463c585846e3c8723d9cf653a3d0e0e47eca955b9e816a5ec38926","ssdeep":"1536:NdW3OtjWPOShxBjrGUDvosNgKAOzqZA0s0qZAN8:NdW3M0B3GUc8gd8","tlshash":"6b83e8dbb684b071579326e8603f250ef33b6509a989c0e5d321dad42c787da9123fed","size":81428,"data":"","first_seen":"2025-04-25T08:54:28.100488Z","last_seen":"2025-07-03T13:59:36.065388Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"4678327450e777cb886fdef6dadb68d3","sha1":"636934b65d2befa33c128b8adf1f0ff66e9ed416","sha256":"2ec09e7d406e27e9186cedd7b4bd560219a26dc068d28e6401c429257abddf62","sha512":"a366e761c1895cfd319234372570d23a1f4bb374cab73e43c7fd3963dc0b411dd803217286a43e2e4198aeabe8ffcd26937e268b9ef21f2ead144b271d64ee32","ssdeep":"","tlshash":"f3b09b151430453b45ab9697b5d545c86e91314c720d6745854d45412c25f515951554","size":116,"data":"","first_seen":"2025-04-25T08:54:28.121979Z","last_seen":"2026-02-08T16:47:27.440371Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/index/626.763cf3e5.js.%E4%B8%8B%E8%BC%89","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ac62c269b7b669c9f867ab68eac4c92","sha1":"addad8d9880677fbea42b5cf5a2107435e3aade1","sha256":"cdee316523aee1dd10583410e7f8b2d9ef975f8e3ccf09457503544216ac6abc","sha512":"6d164d9b15bbb64a8f30c9f4c39a4476387e1203ffc4575039135c72d020871481b57786a32d08e788cec03afacc1b0b057ed69c6dfb9a6703d9e7865c23db3f","ssdeep":"12288:buhg5GSmW3nT8deIi5AsOsmOszmfMrLPycG:Cy53hTCepTLyyaecG","tlshash":"f5353acd7295f06243e361b5502f240bb33a2a59784d8464f662e8e57cb994f923bf3c","size":1142590,"data":"","first_seen":"2025-04-25T08:54:28.107919Z","last_seen":"2025-07-03T13:59:36.063345Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tk-viponline.cc/www","fqdn":"tk-viponline.cc","domain":"tk-viponline.cc","tld":"cc"},"ip":{"addr":"156.245.210.82","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"b214b728ffbd31824bbb1d5a9f53d0a3","sha1":"fdd928f7a32d7c9776828049ca3a79f769fc391a","sha256":"ff175a16c9f923ae6b1d44d7bc06e3ddb2e664ade8c5e71bf1c7f5cb83a5c751","sha512":"034aba66ee1311897e361bb0258f6f57de0a81f07a0836a9b98b968ed6e1ba7d09566a61564f80ea82eff009d42242259c12281c1e072a1c5937aa4b6f3f49d1","ssdeep":"","tlshash":"8151004e2ef2616a8133b13a47cf91813675825b2109ce18392c5f819ff5e786991bdd","size":2726,"data":"","first_seen":"2025-05-10T20:32:49.031801Z","last_seen":"2025-05-10T20:32:49.031801Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"cfc4c70763e2f0a6db4b65d4b40a7945","sha1":"331e877f9b7766f0c700a762d896b2bb0c962afc","sha256":"2df3ad00c232e8d4a2848a668c8b73bafbb19698aec3e8362d72afb75e30d573","sha512":"e956fc5b330814597ba2d7bf0101b32f5497c90ff31b434bf7f45d907e72aac548d7c1c68ec163f6696b6c3f211bed3e7170e42a48189345fccb2502066db9b3","ssdeep":"","tlshash":"8831feca37d2f4d807a6b4a8052f809bf527593350aee061d712d4e37c3465e8077f99","size":1602,"data":"","first_seen":"2025-04-25T08:54:28.123082Z","last_seen":"2026-02-08T16:47:27.44089Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9878bcf0676b73d42c55d88dad431ac1","sha1":"accc934b626fdbeb801901999ba4ab821a708a32","sha256":"b104953a71a6b667e96f9dd08d1dc6fdafc77e75a98edf019572916363932734","sha512":"c950097f49ca07626cdaa7d9606d35c5b14a1bbdb6abed02d77b6d6226ab1e84a324f73260f8eb63fec1d487fed91ed54a4492df3752e91e6aae53d3f1d424e7","ssdeep":"","tlshash":"aa21c88ab1b3212105bb357f1f8b086138a3965b24099c14fd4e4ea44ff179c9adf789","size":1135,"data":"","first_seen":"2025-04-25T08:54:28.124209Z","last_seen":"2025-07-03T13:59:36.06951Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/index/devtools.js?globalName=__PNS_RUNTIME__\u0026__PNS_SW_CACHE__=1\u0026__PNS_SW_CACHE_KEY__=to-json-schema","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"724c2f8b9e59af803cf65dcc40491b68","sha1":"2aa047c51b36bf5ad02ff6b0e697b128c6bee081","sha256":"280931da13557f35b6d0f9dde5ccb7a6f617ee43f1dc5466cbdff40e60d6dbfc","sha512":"e4b85234356633c15ae33de3f5932eba66e284ce7202e2d5e1c61f805a2e8e9b33e5b7e642969923e6ff1ba406d207d14fbb31af9146e0bf4cea6c52c7a6a814","ssdeep":"","tlshash":"358130cd79d3f06482a261a8003f911ff73e6d16e45da490d00af8a07cb8d9bd163aed","size":3869,"data":"","first_seen":"2025-04-25T08:54:28.109012Z","last_seen":"2025-07-03T13:59:36.059214Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/index/626.ab9a01a2.css","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:24.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /ww/index/626.ab9a01a2.css HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/ww/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":18,"data":"time=1746909124102"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 30 Apr 2025 04:28:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6811a6e4-c7e27\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":818727,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (50902)","md5":"b9524e49204fd6a9a75a76c3301391c9","sha1":"cd5839471bd43ca2c31cbf6ecec685a16986d8d8","sha256":"c364a1d45e3bfa0cd6d55d935ca62224b5889511ab9acc5c80a033eefd1bb229","sha512":"26738052088a1b767262a5e0962b21d8750c37c0455c55b5da3393d2fba4265fa122fd70619f16a7000660bafd58afc08c589cbb632dcf91b43c2a6ebc4902bd","ssdeep":"3072:Ejbng96pVDyf23RD19U1VHmPYjZXk7EGKS69CAmSIJwdN/Cfo7p/F9MNFvWnIL5v:EjbWNQqfU2MGVdE","tlshash":"fd0552269635112a6037852bb9c7facc2316b601ed237fbff6431cc68e85d994352f26","first_seen":"2025-04-25T08:54:28.104212Z","last_seen":"2026-03-28T10:22:15.133981Z","times_seen":34,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":562,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:24.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo ECC Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 25 Jun 2024 00:00:00 GMT","end":"Wed, 25 Jun 2025 23:59:59 GMT"},"fingerprint":{"sha1":"CD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5","sha256":"AB:77:AE:8B:01:C3:97:E7:80:17:A2:C0:A0:8D:8A:BE:C9:8A:77:1C:06:8C:B9:64:E1:7B:E5:9F:3B:E7:EC:FA"}}},"request":{"raw":"GET /jquery-3.7.1.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://tktyshiioopre.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":18,"data":"time=1746909130734"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-45a82\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 10 May 2025 20:32:24 GMT\r\nage: 4628687\r\nx-served-by: cache-lga21929-LGA, cache-hel1410027-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 14, 36571\r\nx-timer: S1746909145.836201,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 83619\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":285314,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"12e87d2f3a4c8b347ab13a0764d420a3","sha1":"4be715e11048c057fdf2ee0fbbfad4dbf3504c55","sha256":"78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe","sha512":"fa4d699e582de05d47f0beeddf3f79a37fca3bea3bf083447174db9e8250fc5d95a835615a86a256697f3841eff47b1583151a556f886e264f50941f17f63167","ssdeep":"6144:gwsmYhct1SS+TC1lmhTzeKRYcYmD2zK8USJsdZQ/coLGVFyy/RgL/uiOgeNTIPfz:FuYcYmD4/cZQ/coLGVFyCJTiPf7AqqAV","tlshash":"e954a3d8f78d112e423231aaad2e12cdbb7dd171561454aefd4d497c24a083c83baf7a","first_seen":"2023-09-15T16:51:13Z","last_seen":"2026-04-04T11:32:29.918242Z","times_seen":15945,"resource_available":true,"data":null}},"time_used":418,"timings":{"blocked":167,"dns":48,"connect":29,"send":0,"wait":28,"receive":47,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/index/core.js?globalName=__PNS_RUNTIME__","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:24.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /ww/index/core.js?globalName=__PNS_RUNTIME__ HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/ww/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":1630,"data":"e=37dfbd8ee84e00126ee8ce35e24e8d989225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674cd3d28f0f7d6e1dfc2e7301d532893692023151759a55050e3c0d59cfbc3f1d77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a3231f7923d1d32824d886091b2944230402a58778607e05f2fc402fdea3a32990f247604379b9aca6939974b6c1cc1fa90a8e522c3a89acdaf6fc2b8f98b728d32d4996bbd46e4744ab3e27b6c34b39f1cae766db53ed4cb3980a801a9a8c209a2a3f979927da6d8cc0bbe185fd9d6638ea3de4a9f02b4d26f982719ab55ea1071357821f18d092c39081bccb70c92090c6f5ab7eff5a7c3a8f3a64d6929c4124dbe431e443e99041907ca378504851cb76f14dd0c4ba74bd842ecc11ebcf849b6bce170468fe7f1a58794568ecaa23ec059b8cc964a19e44f39b2bd694c2f83dd7f0a81f283e98e71e1ce2e45b0852aea2b47ab93b98e240f2e326b560bd329357c809d1aa3cdb0721e4af8e7b393f646e36190852f3b59e66c003a94449472ff1b447d69f1d129ebd83dcf62bbd91bea9ec82edb917342ee755c5f3003a9149771ac9625a756aff7ba77f1ec7f5b01dc83fa551d6d2798fe90cc80e4e46321e6e57d999b0c936695484194291d5d0bbb8c3540080b0bc0ff78b2f2f8ed1507d3c99fb802433ab35c71fc908e954f60ec98a57a1a838e2879a86c9033393bf6832c62ff9d3d2fe41c5336a040f96745104e4e14d85ed14ca9b93d4468ddad62104365bac7df650e847b8806996304b3d537a203df3508e9d210afa3c91b5ff35c5dd12cf2726ed0376319eead91648b132a6cc02d00631004abb3b3090f6813dd95d3f869742e2cdd7fa8041da59493057b62e634096ce4900e671\u0026cri=C8tunq5rtb\u0026sf=0\u0026dc=\u0026cp=10\u0026gtm=-\u0026gac=-\u0026tb=1\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=10014\u0026mo=0\u0026pn=12232\u0026spn=2216\u0026fp=797\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:25 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 30 Apr 2025 04:28:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6811a6e4-13e14\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":81428,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46074)","md5":"6afc79ed41b94db124a33943375bae0d","sha1":"191f08f8685ddf76a7d2638e813f7b236d64545c","sha256":"c0d3d9afcffaaad82ff7767e52341eaf637ee8bca5e36900adba773dc1e6597e","sha512":"d4aae781d57e863704de243a23afdbae735580f1e7adfcdab33feadca59749c24cab7f003e463c585846e3c8723d9cf653a3d0e0e47eca955b9e816a5ec38926","ssdeep":"1536:NdW3OtjWPOShxBjrGUDvosNgKAOzqZA0s0qZAN8:NdW3M0B3GUc8gd8","tlshash":"6b83e8dbb684b071579326e8603f250ef33b6509a989c0e5d321dad42c787da9123fed","first_seen":"2025-04-25T08:54:28.100488Z","last_seen":"2025-07-03T13:59:36.065388Z","times_seen":6,"resource_available":true,"data":null}},"time_used":337,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_fonts/TikTokFont-Regular.woff2?_default_font=1\u0026v=2","fqdn":"sf16-website-login.neutral.ttwstatic.com","domain":"ttwstatic.com","tld":"com"},"ip":{"addr":"23.36.76.163","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:25.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.neutral.ttwstatic.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 02 Jul 2024 00:00:00 GMT","end":"Tue, 01 Jul 2025 23:59:59 GMT"},"fingerprint":{"sha1":"ED:EC:B0:27:FC:9B:90:0E:FA:A2:89:18:E6:30:D2:BB:60:D2:B6:59","sha256":"71:CA:5A:2A:FA:47:E6:1A:DE:DF:5F:55:7B:65:0C:F1:C9:04:2A:E5:19:D6:91:42:9B:4C:7D:2F:5E:28:45:CF"}}},"request":{"raw":"GET /obj/tiktok_web_login_static/tiktok_fonts/TikTokFont-Regular.woff2?_default_font=1\u0026v=2 HTTP/1.1\r\nHost: sf16-website-login.neutral.ttwstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tktyshiioopre.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-length: 56492\r\ncontent-md5: /fJgDZBaD6oGDWkeAhLhpw==\r\nlast-modified: Mon, 21 Oct 2024 05:45:19 GMT\r\netag: 7556dde1-1f4a-4b92-8bc5-f8e8956df83c\r\nversion-id: 64f86a2e-8aa7-4856-8b3e-6eda8eec13cc\r\nstorage-tier: Standard\r\ncontent-type: font/woff2\r\nopc-request-id: iad-1:VYdIr2VxSowYhdvxPtAz6xln_gGw8VciMbwLdxnrC6gZ8a-kDMZ_b9cytMm4Pi_s\r\nx-api-id: native\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options\r\nx-origin-response-time: 333,23.192.47.151\r\ncache-control: max-age=2592000\r\nexpires: Mon, 09 Jun 2025 20:32:25 GMT\r\ndate: Sat, 10 May 2025 20:32:25 GMT\r\nx-cache: TCP_MEM_HIT from a23-36-76-159.deploy.akamaitechnologies.com (AkamaiGHost/22.1.2-812cedcbf35ba002177d10138ee3fcd0) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=0\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 30d6712\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":56492,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 56492, version 1.0","md5":"fdf2600d905a0faa060d691e0212e1a7","sha1":"62550f0993a219e265ff9a0795a4d9f49b28748f","sha256":"52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972","sha512":"7118d2ea3aafe3d77709842da20acbe3faaf4c6c92a50ab05ecd4986916bbb92fe297a1b00357572683b02c61762cdf31dc425f03221dd169803252db5f04f7f","ssdeep":"1536:HYDhrXLgUVTf98fcANMQnJULOK+z2N2Vr8KO:HYDhrbZTF8ffZaOzM2Vr8z","tlshash":"804301fe4895feb9b094c7938d7131e02a664022453cbb71774b13b76368e7682892dc","first_seen":"2023-06-27T16:48:29Z","last_seen":"2026-04-03T21:00:00.71612Z","times_seen":5039,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":102,"dns":74,"connect":1,"send":0,"wait":9,"receive":3,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/index/logo.700a5055.png","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:25.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /ww/index/logo.700a5055.png HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/ww/index/main.d0945a0e.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 30 Apr 2025 04:28:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6811a6e4-155b\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5467,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 235 x 32, 8-bit/color RGBA, non-interlaced","md5":"d7485358ad3a9fa25661192677b7b83b","sha1":"f5e65a9a82efd416e4e885e3693217ddef697c15","sha256":"308ab1ba1202bdbb1dcb2700873f9b1ce28fbbbc5b1914d34090966f6817c8ca","sha512":"2b4b2c1038097609f81557cb6b21cb51e79e076100e90f04f66a215c2ee903209bee9400fbb110c47bc0f0e3236b48820ab1780bd450f219d8487331c794fa05","ssdeep":"96:A8knmWI0Iy9EH7sRrvVO6/nNnV9zO6CbY9yJ2XWX97zU2sfbkFNqA3iwBbFMnU5d:Bknsy+berVOGNVJO3Y9dWts2s+EA3mnO","tlshash":"a0b16dc6f501b91d5627ef828cc904d78a778a80ded4654f7aa9801fc9323b37a94bc2","first_seen":"2025-04-25T08:54:28.101593Z","last_seen":"2025-07-03T13:59:36.061681Z","times_seen":5,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tk-viponline.cc/www","date":"2025-05-10T20:32:24.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /ww/ HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tktyshiioopre.sbs/www/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:24 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 30 Apr 2025 04:28:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6811a6e4-176a0\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95904,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (41155)","md5":"d3e4d2c2d2c451fa190b605a84fd884d","sha1":"e947a8190e3aac09c445284131732102962d90b2","sha256":"302f10fa4b63f004bb68a03d9b591e38d211afd499e025fb19ab0a63a1dcf134","sha512":"6b2983bd0ce0442534e36c31302eca1268c1dfa2642df8580e6026d8b738e2705271c7ba8d7f185381e041461a800b9cef422f03dccbd74835142217354060bd","ssdeep":"1536:rPQ7fBhXt/t6tVWkVI6vnhnpgOYH9clPPBfJfMkNiCsNAj+Wfc:0qK+02fc","tlshash":"c8932a67311d2229524d0db6b6177a4eeb03a02aca42d7cdf4dc5eedcfd96820c4974e","first_seen":"2025-04-25T08:54:28.106654Z","last_seen":"2025-07-03T13:59:36.058405Z","times_seen":5,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mon.tiktokv.com/monitor_browser/collect/batch/?bid=tiktok_pns_web_runtime","fqdn":"mon.tiktokv.com","domain":"tiktokv.com","tld":"com"},"ip":{"addr":"95.101.10.26","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:28.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokv.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 23 Dec 2024 00:00:00 GMT","end":"Mon, 22 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"AD:88:39:88:B9:9E:CC:54:4D:91:5E:EE:9F:AA:DC:83:45:3A:85:F7","sha256":"28:00:B2:F3:F2:BB:08:BF:CA:16:24:73:C1:AE:AD:B2:13:32:D2:D0:F3:F8:2F:62:F9:B4:55:2E:EA:02:D8:AD"}}},"request":{"raw":"POST /monitor_browser/collect/batch/?bid=tiktok_pns_web_runtime HTTP/1.1\r\nHost: mon.tiktokv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tktyshiioopre.sbs/\r\nContent-Type: application/json\r\nContent-Length: 2087\r\nOrigin: https://tktyshiioopre.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2087,"data":"{\"ev_type\":\"batch\",\"list\":[{\"ev_type\":\"custom\",\"payload\":{\"name\":\"sw_incompat\",\"type\":\"event\",\"metrics\":{\"count\":1},\"categories\":{\"__business__\":\"i18n_ecom_shop\"}},\"common\":{\"bid\":\"tiktok_pns_web_runtime\",\"pid\":\"/ww/\",\"view_id\":\"__1746909145334\",\"user_id\":\"88d28a35-d0dc-4e58-b1c9-2160f629e05e\",\"release\":\"1.0.0.721\",\"device_id\":\"afeaf1e2-fc42-4780-9760-b743ba6c5443\",\"session_id\":\"01c4b12c-5f27-4c43-a9d7-e61524d4d803\",\"env\":\"production\",\"sample_rate\":1,\"domain\":\"tktyshiioopre.sbs\",\"business\":\"i18n_ecom_shop\",\"url\":\"https://tktyshiioopre.sbs/ww/\",\"protocol\":\"https\",\"path\":\"/ww/\",\"query\":\"\",\"timestamp\":1746909145339,\"sdk_version\":\"0.0.1\",\"sdk_name\":\"SDK_SLARDAR_WEB\"}},{\"ev_type\":\"custom\",\"payload\":{\"name\":\"cost_time\",\"type\":\"event\",\"metrics\":{\"time\":18},\"categories\":{\"version\":\"1.0.0.721\",\"runtime_env\":\"out_app\",\"module\":\"loader\",\"__business__\":\"i18n_ecom_shop\"}},\"common\":{\"bid\":\"tiktok_pns_web_runtime\",\"pid\":\"/ww/\",\"view_id\":\"__1746909145334\",\"user_id\":\"88d28a35-d0dc-4e58-b1c9-2160f629e05e\",\"release\":\"1.0.0.721\",\"device_id\":\"afeaf1e2-fc42-4780-9760-b743ba6c5443\",\"session_id\":\"01c4b12c-5f27-4c43-a9d7-e61524d4d803\",\"env\":\"production\",\"sample_rate\":1,\"domain\":\"tktyshiioopre.sbs\",\"business\":\"i18n_ecom_shop\",\"url\":\"https://tktyshiioopre.sbs/ww/\",\"protocol\":\"https\",\"path\":\"/ww/\",\"query\":\"\",\"timestamp\":1746909145339,\"sdk_version\":\"0.0.1\",\"sdk_name\":\"SDK_SLARDAR_WEB\"}},{\"ev_type\":\"custom\",\"payload\":{\"name\":\"cost_time\",\"type\":\"event\",\"metrics\":{\"time\":8},\"categories\":{\"version\":\"1.0.0.721\",\"runtime_env\":\"out_app\",\"module\":\"core\",\"__business__\":\"i18n_ecom_shop\"}},\"common\":{\"bid\":\"tiktok_pns_web_runtime\",\"pid\":\"/ww/\",\"view_id\":\"__1746909145334\",\"user_id\":\"88d28a35-d0dc-4e58-b1c9-2160f629e05e\",\"release\":\"1.0.0.721\",\"device_id\":\"afeaf1e2-fc42-4780-9760-b743ba6c5443\",\"session_id\":\"01c4b12c-5f27-4c43-a9d7-e61524d4d803\",\"env\":\"production\",\"sample_rate\":1,\"domain\":\"tktyshiioopre.sbs\",\"business\":\"i18n_ecom_shop\",\"url\":\"https://tktyshiioopre.sbs/ww/\",\"protocol\":\"https\",\"path\":\"/ww/\",\"query\":\"\",\"timestamp\":1746909145340,\"sdk_version\":\"0.0.1\",\"sdk_name\":\"SDK_SLARDAR_WEB\"}}]}"}},"response":{"raw":"HTTP/2 204 No Content\r\ncontent-type: application/json; charset=utf-8\r\nx-tt-logid: 20250510203227457D74495BD3A270CB46\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV\r\naccess-control-allow-methods: POST, OPTIONS, GET\r\naccess-control-max-age: 600\r\ncross-origin-resource-policy: cross-origin\r\nx-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb69af4e863bae9c05892b6d281a81c3b107af66333949e557f91b268c524f394d26fee08393e712aee362cc5a095dcb4ed220f9503be8c14c7af40b6a3923f74c404de3069b6fb0d373ceb15985e0a16ea\r\nx-tt-trace-id: 00-250510203227457D74495BD3A270CB46-0EF921883EBC660E-00\r\nserver: TLB\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nexpires: -1\r\nx-origin-response-time: 13,23.35.17.135\r\nx-akamai-request-id: 1e977a02.1ec59b06\r\ndate: Sat, 10 May 2025 20:32:28 GMT\r\nx-cache: TCP_MISS from a95-101-10-55.deploy.akamaitechnologies.com (AkamaiGHost/22.1.1.1-d05c6443fdf0ef1ad227a2aacc363f6e) (-)\r\nx-cache-remote: TCP_MISS from a23-35-17-135.deploy.akamaitechnologies.com (AkamaiGHost/22.1.2-812cedcbf35ba002177d10138ee3fcd0) (-)\r\nx-parent-response-time: 118,95.101.10.55\r\nx-tt-trace-tag: id=16;cdn-cache=miss;type=dyn\r\nserver-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=13, inner; dur=4\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tk-viponline.cc/www","fqdn":"tk-viponline.cc","domain":"tk-viponline.cc","tld":"cc"},"ip":{"addr":"156.245.210.82","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-10T20:32:16.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tk-viponline.cc","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Apr 2025 03:22:10 GMT","end":"Tue, 29 Jul 2025 03:22:09 GMT"},"fingerprint":{"sha1":"B2:18:AE:BB:5D:2D:A6:1F:81:C2:D3:16:4F:01:61:21:0F:25:A6:25","sha256":"84:5F:1D:2B:06:95:83:A8:04:8B:E0:8C:4C:89:86:59:6F:15:EA:81:27:A1:23:65:3D:4B:3B:09:BB:01:2E:65"}}},"request":{"raw":"GET /www HTTP/1.1\r\nHost: tk-viponline.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":1627,"data":"e=37dfbd8ee84e00126ee8ce35e24e8d989225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674cd3d28f0f7d6e1dfc2e7301d532893692023151759a55050e3c0d59cfbc3f1d77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a3231f7923d1d32824d886091b2944230402a58778607e05f2fc402fdea3a32990f247604379b9aca6939974b6c1cc1fa90a8e522c3a89acdaf6fc2b8f98b728d32d4996bbd46e4744ab3e27b6c34b39f1cae766db53ed4cb3980a801a9a8c209a2a3f979927da6d8cc0bbe185fd9d6638ea3de4a9f02b4d26f982719ab55ea1071357821f18d092c39081bccb70c92090c6f5ab7eff5a7c3a8f3a64d6929c4124dbe431e443e99041907ca378504851cb76f14dd0c4ba74bd842ecc11ebcf849b6bce170468fe7f1a58794568ecaa23ec059b8cc964a19e44f39b2bd694c2f83dd7f0a81f283e98e71e1ce2e45b0852aea2b47ab93b98e240f2e326b560bd329357c809d1aa3cdb0721e4af8e7b393f646e36190852f3b59e66c003a94449472ff1b447d69f1d129ebd83dcf62bbd91bea9ec82edb917342ee755c5f3003a9149771ac9625a756aff7ba77f1ec7f5b01dc83fa551d6d2798fe90cc80e4e46321e6e57d999b0c936695484194291d5d0bbb8c3540080b0bc0ff78b2f2f8ed1507d3c99fb802433ab35c71fc908e954f60ec98a57a1a838e2879a86c9033393bf6832c62ff9d3d2fe41c5336a040f96745104e4e14d85ed14ca9b93d4468ddad62104365bac7df650e847b8806996304b3d537a203df3508e9d210afa3c91b5ff35c5dd12cf2726ed0376319eead91648b132a6cc02d00631004abb3b3090f6813dd95d3f869742e2cdd7fa8041da59493057b62e634096ce4900e671\u0026cri=C8tunq5rtb\u0026sf=0\u0026dc=\u0026cp=5\u0026gtm=-\u0026gac=-\u0026tb=1\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=5009\u0026mo=0\u0026pn=7227\u0026spn=2216\u0026fp=797\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:17 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 30 Apr 2025 04:21:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6811a53c-1759\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5977,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"eaf53e4bcf85bfb4b379ba74d2bc8435","sha1":"5712ac79bb187ade3761767873778fdb9c046a04","sha256":"8bd512f4f9b6e4927008231ec05250def5fca97d005e2a33468f5320f2ccf59e","sha512":"ac680fac840a458a1429ae0f5e151fd5104179e8847252a8351e2c700d2ea94394cb60a1a57303fc4bcb995add46bb7bc2c36524cdf00deea2f21ae045dd271c","ssdeep":"96:RuPrzBfsY0Td0x3K2Pby/ZngyAmPLyJtoqzv7A1HCG6YHdPybSn63Y0Nk:RuPrzBfsY0Tix3K2Pby/ZngyAmPLyJtY","tlshash":"62c15f4e1de350068523f2391bee560923358107760bce283b9e2a84cfd5e6dadc2bdc","first_seen":"2025-05-10T20:32:49.012846Z","last_seen":"2025-05-10T20:32:49.012846Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1573,"timings":{"blocked":662,"dns":16,"connect":245,"send":0,"wait":249,"receive":0,"ssl":398},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tk-viponline.cc/favicon.ico","fqdn":"tk-viponline.cc","domain":"tk-viponline.cc","tld":"cc"},"ip":{"addr":"156.245.210.82","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tk-viponline.cc/www","date":"2025-05-10T20:32:17.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tk-viponline.cc","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Apr 2025 03:22:10 GMT","end":"Tue, 29 Jul 2025 03:22:09 GMT"},"fingerprint":{"sha1":"B2:18:AE:BB:5D:2D:A6:1F:81:C2:D3:16:4F:01:61:21:0F:25:A6:25","sha256":"84:5F:1D:2B:06:95:83:A8:04:8B:E0:8C:4C:89:86:59:6F:15:EA:81:27:A1:23:65:3D:4B:3B:09:BB:01:2E:65"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: tk-viponline.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tk-viponline.cc/www\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:17 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 30 Apr 2025 04:21:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6811a53c-1759\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5977,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"eaf53e4bcf85bfb4b379ba74d2bc8435","sha1":"5712ac79bb187ade3761767873778fdb9c046a04","sha256":"8bd512f4f9b6e4927008231ec05250def5fca97d005e2a33468f5320f2ccf59e","sha512":"ac680fac840a458a1429ae0f5e151fd5104179e8847252a8351e2c700d2ea94394cb60a1a57303fc4bcb995add46bb7bc2c36524cdf00deea2f21ae045dd271c","ssdeep":"96:RuPrzBfsY0Td0x3K2Pby/ZngyAmPLyJtoqzv7A1HCG6YHdPybSn63Y0Nk:RuPrzBfsY0Tix3K2Pby/ZngyAmPLyJtY","tlshash":"62c15f4e1de350068523f2391bee560923358107760bce283b9e2a84cfd5e6dadc2bdc","first_seen":"2025-05-10T20:32:49.012846Z","last_seen":"2025-05-10T20:32:49.012846Z","times_seen":1,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/www","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tk-viponline.cc/www","date":"2025-05-10T20:32:18.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /www HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tk-viponline.cc/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":230,"data":"40/client,{\"token\":\"b059211b-e4d3-4e2d-8153-eaa3265e06fa\",\"hash\":\"67279e43-ed23-42bf-8696-c9bb92f2ef9b\",\"host\":\"tinctcomputerotac.ssmailer.com\",\"ua\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"id\":null}"}},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:19 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: https://tktyshiioopre.sbs/www/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":1617,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":1751,"timings":{"blocked":748,"dns":60,"connect":255,"send":0,"wait":255,"receive":0,"ssl":429},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tk-viponline.cc/www","date":"2025-05-10T20:32:24.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /ww HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/www/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":192,"data":"42[\"WIDGET_PING\",{\"payload\":{\"identifier\":\"AV4Aof_fpx_1xx33T13R_drfrtrnlvZ5vzvnfTkyVcMnFhjMqabfHR0Yxw9PPBct2VoY9DcjrR7XD8zIdVC0TbuA9eTGSKRfN4U45NLXjbIRYRiXYAx4juPVBIj8KxmedIJC\"},\"actionId\":0}]"}},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:24 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: https://tktyshiioopre.sbs/ww/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":95904,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":255,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/index/main.d0945a0e.css","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:24.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /ww/index/main.d0945a0e.css HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/ww/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 30 Apr 2025 04:28:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6811a6e4-3c82\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15490,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15490), with no line terminators","md5":"bc476378317c59638f0c3afae58ba334","sha1":"2f71dcfbd674116f9f029a1513f7c6d9cb87a9f9","sha256":"3323829dff9875a86b047f2a6e7a638907eb18163782734feac8e6ee77460f4a","sha512":"b2c72776be36c8f1f07c8f4419f804e311aca0a1204f626999a8637455e095ec5c5cd9d65e4b012696dce96b577aa1383b51d63bbd6dd7fd070aaf0b28e86e0c","ssdeep":"192:bIb/8DPjg7xO8vgVnYVr8+V1XrucYyURvaHHduaaHHdieMw0Y4lxj/o7:bEUPj8vgpir91SbaHHAHHWj8","tlshash":"e962b913e41a801b94eb5c173bcade193f9ba5192e15fb1fe8344ec68df1963112d706","first_seen":"2025-04-25T08:54:28.116507Z","last_seen":"2026-02-08T16:47:27.431911Z","times_seen":14,"resource_available":false,"data":null}},"time_used":655,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":655,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/www/","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tk-viponline.cc/www","date":"2025-05-10T20:32:19.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /www/ HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tk-viponline.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":2411,"data":"e=37dfbd8ee84e00126ee8ce35e24e8d989225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674cd3d28f0f7d6e1dfc2e7301d532893692023151759a55050e3c0d59cfbc3f1d77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a3231f7923d1d32824d886091b2944230402a58778607e05f2fc402fdea3a32990f247604379b9aca6939974b6c1cc1fa90a8e522c3a89acdaf6fc2b8f98b728d32d4996bbd46e4744ab3e27b6c34b39f1cae766db53ed4cb3980a801a9a8c209a2a3f979927da6d8cc0bbe185fd9d6638ea3de4a9f02b4d26f982719ab55ea1071357821f18d092c39081bccb70c92090c6f5ab7eff5a7c3a8f3a64d6929c4124dbe431e443e99041907ca378504851cb76f14dd0c4ba74bd842ecc11ebcf849b6bce170468fe7f1a58794568ecaa23ec059b8cc964a19e44f39b2bd694c2f83dd7f0a81f283e98e71e1ce2e45b0852aea2b47ab93b98e240f2e326b560bd329357c809d1aa3cdb0721e4af8e7b393f646e36190852f3b59e66c003a94449472ff1b447d69f1d129ebd83dcf62bbd91bea9ec82edb917342ee755c5f3003a9149771ac9625a756aff7ba77f1ec7f5b01dc83fa551d6d2798fe90cc80e4e46321e6e57d999b0c936695484194291d5d0bbb8c3540080b0bc0ff78b2f2f8ed1507d3c99fb802433ab35c71fc908e954f60ec98a57a1a838e2879a86c9033393bf6832c62ff9d3d2fe41c5336a040f96745104e4e14d85ed14ca9b93d4468ddad62104365bac7df650e847b8806996304b3d537a203df3508e9d210afa3c91b5ff35c5dd12cf2726ed0376319eead91648b132a6cc02d00631004abb3b3090f6813dd95d3f869742e2cdd7fa8041da59493057b62e634096ce4900e671\u0026cri=C8tunq5rtb\u0026sf=0\u0026dc=LiYiOipdOi0tdy06LS06LVxxanNzOi1cLS4uOi1cLC0qLDotXC4mLSc6LVwtLy8tOi1cLicnLDotXC0vLy46LVwuJyooOi1cLzotXC4uOi1cLS8pKTotXC0vKSc6Kls5LC4iOihdOi0taDotLTosXi4oLTotXDotLXc6LS06LF4rLTotXDotLX1AOi0tOixeLio6KFs5KC4iOihdOi0tbDotLTosXi86LVw6LS1yOi0tOixeLzotXDotLWg6LS06LF4vOi1cOi0tfUA6LS06LF4uKSs6KFs5LisuIjooXTotLWw6LS06LF4uOi1cOi0tfUA6LS06LF4vOihbOS4qJiI6KF06LS16LzotLTosXjotLWwxeHprXX5ra3ptZjotL3ZsOi0vcXBrOi0vfjotL3lqcXxrdnBxOi0tOi1cOi0tfUA6LS06LF4vOihbOSwtKSI6Kl06KF06LS19Oi0tOixeLzotXDotLWw6LS06LF46LS0uOi0tOihbOi1cOihdOi0tfTotLTosXi86LVw6LS1sOi0tOixeOi0tLjotLTooWzoqWzkqLS8iOihdOi0tbzotLTosXjotLVN2cWpnOi0vZycpQCkrOi0tOi1cOi0tczotLTosXjoqXTotLXpxMkpMOi0tOi1cOi0tenE6LS06Kls6LVw6LS13fDotLTosXisnOi1cOi0tfUA6LS06LF4uKi06KFs5JygrIjooXTotLWw6LS06LF4sOi1cOi0tamlvfjotLTosXi86LVw6LS19QDotLTosXi86KFs%3D\u0026cp=1\u0026gtm=-\u0026gac=-\u0026tb=1\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=1002\u0026mo=0\u0026pn=3220\u0026spn=2216\u0026fp=797"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:20 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 30 Apr 2025 04:27:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6811a6c1-651\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1617,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (433)","md5":"43574610776b6417762e23e0602225bd","sha1":"fbbb6faea9454bea4e955e32e21035dbb6dccb39","sha256":"ba12796ed7ee767c6c47fc28a56a4b4c79a875f20e9a4da83af28758b145a4ad","sha512":"3dd189b7bc5bb5f1fda0ddda41fdc77f0904762d56e21a185a29cafa1f4d92f8124a88b743ae4c826b05af0db2a6ed8bf8f2f2175f5754ec402dfe7b84d65aab","ssdeep":"","tlshash":"61314457fef8c5b646981d5b7829f5083ce10a958a0a984029efd4f8c910fe98d5bc84","first_seen":"2025-05-10T20:32:49.016899Z","last_seen":"2025-05-10T20:32:49.016899Z","times_seen":1,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_fonts/TikTokFont-Semibold.woff2?_default_font=1\u0026v=2","fqdn":"sf16-website-login.neutral.ttwstatic.com","domain":"ttwstatic.com","tld":"com"},"ip":{"addr":"23.36.76.163","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:25.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.neutral.ttwstatic.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 02 Jul 2024 00:00:00 GMT","end":"Tue, 01 Jul 2025 23:59:59 GMT"},"fingerprint":{"sha1":"ED:EC:B0:27:FC:9B:90:0E:FA:A2:89:18:E6:30:D2:BB:60:D2:B6:59","sha256":"71:CA:5A:2A:FA:47:E6:1A:DE:DF:5F:55:7B:65:0C:F1:C9:04:2A:E5:19:D6:91:42:9B:4C:7D:2F:5E:28:45:CF"}}},"request":{"raw":"GET /obj/tiktok_web_login_static/tiktok_fonts/TikTokFont-Semibold.woff2?_default_font=1\u0026v=2 HTTP/1.1\r\nHost: sf16-website-login.neutral.ttwstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tktyshiioopre.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":1630,"data":"e=37dfbd8ee84e00126ee8ce35e24e8d989225c24f567d43d6da1908be6245cad7bd70a976710ce60ed89373bfe70e9c20c1e53e8d56118a6d2217071a10acf9f29f674cd3d28f0f7d6e1dfc2e7301d532893692023151759a55050e3c0d59cfbc3f1d77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a3231f7923d1d32824d886091b2944230402a58778607e05f2fc402fdea3a32990f247604379b9aca6939974b6c1cc1fa90a8e522c3a89acdaf6fc2b8f98b728d32d4996bbd46e4744ab3e27b6c34b39f1cae766db53ed4cb3980a801a9a8c209a2a3f979927da6d8cc0bbe185fd9d6638ea3de4a9f02b4d26f982719ab55ea1071357821f18d092c39081bccb70c92090c6f5ab7eff5a7c3a8f3a64d6929c4124dbe431e443e99041907ca378504851cb76f14dd0c4ba74bd842ecc11ebcf849b6bce170468fe7f1a58794568ecaa23ec059b8cc964a19e44f39b2bd694c2f83dd7f0a81f283e98e71e1ce2e45b0852aea2b47ab93b98e240f2e326b560bd329357c809d1aa3cdb0721e4af8e7b393f646e36190852f3b59e66c003a94449472ff1b447d69f1d129ebd83dcf62bbd91bea9ec82edb917342ee755c5f3003a9149771ac9625a756aff7ba77f1ec7f5b01dc83fa551d6d2798fe90cc80e4e46321e6e57d999b0c936695484194291d5d0bbb8c3540080b0bc0ff78b2f2f8ed1507d3c99fb802433ab35c71fc908e954f60ec98a57a1a838e2879a86c9033393bf6832c62ff9d3d2fe41c5336a040f96745104e4e14d85ed14ca9b93d4468ddad62104365bac7df650e847b8806996304b3d537a203df3508e9d210afa3c91b5ff35c5dd12cf2726ed0376319eead91648b132a6cc02d00631004abb3b3090f6813dd95d3f869742e2cdd7fa8041da59493057b62e634096ce4900e671\u0026cri=C8tunq5rtb\u0026sf=0\u0026dc=\u0026cp=15\u0026gtm=-\u0026gac=-\u0026tb=1\u0026ws=1280x1024\u0026wos=1280x1024\u0026ver=13\u0026fi=\u0026ti=15021\u0026mo=0\u0026pn=17240\u0026spn=2216\u0026fp=797\u0026snt=1"}},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-length: 56968\r\ncontent-md5: z9iG4cqEmn+OJgB2PyNteA==\r\nlast-modified: Mon, 21 Oct 2024 05:45:19 GMT\r\netag: e1feedcc-ee56-4df5-856f-9fb9de63b9e4\r\nversion-id: 63d3b69f-5e1a-439c-94c2-65aabed8d110\r\nstorage-tier: Standard\r\ncontent-type: font/woff2\r\nopc-request-id: iad-1:T2slkZvMPll05vyG6Q2xyxyoIAey2gtP9AYS9oXzc9RX7Wnd0k-rdRKMyMiTWAzn\r\nx-api-id: native\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options\r\ncache-control: max-age=2592000\r\nexpires: Mon, 09 Jun 2025 20:32:25 GMT\r\ndate: Sat, 10 May 2025 20:32:25 GMT\r\nx-cache: TCP_MEM_HIT from a23-36-76-159.deploy.akamaitechnologies.com (AkamaiGHost/22.1.2-812cedcbf35ba002177d10138ee3fcd0) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=0\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 30d6719\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":56968,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 56968, version 1.0","md5":"cfd886e1ca849a7f8e2600763f236d78","sha1":"c1fc2b10d20c529c01b465a1edc0ed2fe04f0bd5","sha256":"c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b","sha512":"254e37e3650b2c87b524c96f517586b690094abf7c8e0539b050ecdc4c56c2593bedab7b1a830b827ddc19f1c3e05ff4096ebdf4cc969b5bc5fd33cb34e94fd8","ssdeep":"1536:WJG/KL/shmr0SyKV2i0Qz0j72A2+0G+gSRLBeFDP3:liL/8mV2i0ac6A25G+1LBehf","tlshash":"444302ec6a22f9adab11e5e847349ac2f140d6de34156293509edb98200f24ecdcb75d","first_seen":"2023-06-27T16:48:29Z","last_seen":"2026-04-03T21:00:00.709329Z","times_seen":5007,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":102,"dns":70,"connect":5,"send":0,"wait":2,"receive":2,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"wss://tk-viponline.cc/wss/7e8e638b413f49f8a7117d1b68b7387d","fqdn":"tk-viponline.cc","domain":"tk-viponline.cc","tld":"cc"},"ip":{"addr":"156.245.210.82","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tk-viponline.cc/www","date":"2025-05-10T20:32:17.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tk-viponline.cc","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Apr 2025 03:22:10 GMT","end":"Tue, 29 Jul 2025 03:22:09 GMT"},"fingerprint":{"sha1":"B2:18:AE:BB:5D:2D:A6:1F:81:C2:D3:16:4F:01:61:21:0F:25:A6:25","sha256":"84:5F:1D:2B:06:95:83:A8:04:8B:E0:8C:4C:89:86:59:6F:15:EA:81:27:A1:23:65:3D:4B:3B:09:BB:01:2E:65"}}},"request":{"raw":"GET /wss/7e8e638b413f49f8a7117d1b68b7387d HTTP/1.1\r\nHost: tk-viponline.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://tk-viponline.cc\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: UKrb+yUWwRrQLqHxK2TGNw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nServer: nginx\r\nDate: Sat, 10 May 2025 20:32:18 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: sS1ShFM9BxwcqZOu1pXEinwWSOE=\r\nSec-WebSocket-Extensions: permessage-deflate\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":790,"timings":{"blocked":-1,"dns":1,"connect":254,"send":0,"wait":263,"receive":3,"ssl":269},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/index/devtools.js?globalName=__PNS_RUNTIME__\u0026__PNS_SW_CACHE__=1\u0026__PNS_SW_CACHE_KEY__=to-json-schema","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:25.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /ww/index/devtools.js?globalName=__PNS_RUNTIME__\u0026__PNS_SW_CACHE__=1\u0026__PNS_SW_CACHE_KEY__=to-json-schema HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/ww/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:25 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 30 Apr 2025 04:28:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6811a6e4-f1d\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3869,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3869), with no line terminators","md5":"724c2f8b9e59af803cf65dcc40491b68","sha1":"2aa047c51b36bf5ad02ff6b0e697b128c6bee081","sha256":"280931da13557f35b6d0f9dde5ccb7a6f617ee43f1dc5466cbdff40e60d6dbfc","sha512":"e4b85234356633c15ae33de3f5932eba66e284ce7202e2d5e1c61f805a2e8e9b33e5b7e642969923e6ff1ba406d207d14fbb31af9146e0bf4cea6c52c7a6a814","ssdeep":"","tlshash":"358130cd79d3f06482a261a8003f911ff73e6d16e45da490d00af8a07cb8d9bd163aed","first_seen":"2025-04-25T08:54:28.109012Z","last_seen":"2025-07-03T13:59:36.059214Z","times_seen":6,"resource_available":true,"data":null}},"time_used":260,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/www/js/index-c0807226.js","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/www/","date":"2025-05-10T20:32:20.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /www/js/index-c0807226.js HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/www/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":1,"data":"3"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:20 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 30 Apr 2025 04:27:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6811a6c0-4112fe\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4264702,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31864)","md5":"4fca6dfa46c1f413e586b5e6efc31d5b","sha1":"f4580ad78a7bef77a85a49dce5d2c819484f95fb","sha256":"13ed87a70d74f4552e9c88a65635b0f948b24485b9eba5a3e975bd310c45b6a6","sha512":"5c4234f183e42402092e07df6673c5b30a932c5474c7dc4ff77c8b7cbc5a232e57140e88e4bbbbdfd2cdd59bd2ca14d7401020facadc07e708c1f5f914d4f7c0","ssdeep":"49152:eAQapiSzb19NCZ04+OzDKtYZ4mFKVzrhDR7CIHtdXU0MLLh7N/Dxj/tcUeoSc1XN:3Yd","tlshash":"ec1671ac67bab2488a48e0d7ec333d8d8c44d9859017d2f74fbd5ab39391301da5af16","first_seen":"2025-05-10T20:32:49.021084Z","last_seen":"2025-05-10T20:32:49.021084Z","times_seen":1,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":512,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/index/index.js.%E4%B8%8B%E8%BC%89","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:24.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /ww/index/index.js.%E4%B8%8B%E8%BC%89 HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/ww/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":192,"data":"42[\"WIDGET_PING\",{\"payload\":{\"identifier\":\"AV4Aof_fpx_1xx33T13R_drfrtrnlvZ5vzvnfTkyVcMnFhjMqabfHR0Yxw9PPBct2VoY9DcjrR7XD8zIdVC0TbuA9eTGSKRfN4U45NLXjbIRYRiXYAx4juPVBIj8KxmedIJC\"},\"actionId\":0}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:24 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 75627\r\nlast-modified: Wed, 30 Apr 2025 04:28:20 GMT\r\netag: \"6811a6e4-1276b\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":75627,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (59795)","md5":"24ae72b0820606486469c4c6a8f79989","sha1":"4fbb73b7054636f3475a429234b83f3b7697d020","sha256":"1af1de4e9c9ae430f515ff8df3e2277ec6b3654b25430b827c090fe5d708c8a0","sha512":"ab8dbb743e63d76776a6683429570617ccd58df2b816f4181386882d4c68d8e39c6a0a2d21b146ec7516e3890ff81cc76ca198ca9beb660d5b1bb803edf0f60c","ssdeep":"768:oSCRKEIyQY5dWkWU4ttZxigSEsCXCaCWEl2DJjmdSLsWWsSup3f2+jGAOrPqZAkN:Y5dWhtzrIt+Gs3fEAOzqZA0s0qZAnZV","tlshash":"bf73e8d7b195b06147a365e4a43f260ff23b780aaec5c0d2d212d6d42c6c7d6a122fed","first_seen":"2024-06-21T10:24:22Z","last_seen":"2025-07-03T13:59:36.063851Z","times_seen":10,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":266,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tktyshiioopre.sbs/ww/index/626.763cf3e5.js.%E4%B8%8B%E8%BC%89","fqdn":"tktyshiioopre.sbs","domain":"tktyshiioopre.sbs","tld":"sbs"},"ip":{"addr":"156.245.210.86","port":443,"asn":62468,"as":"HKCLOUDX","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:24.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tmarketsl.sbs","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Apr 2025 14:12:27 GMT","end":"Mon, 28 Jul 2025 14:12:26 GMT"},"fingerprint":{"sha1":"94:E7:B8:C3:80:52:7E:46:19:10:3F:05:41:BD:96:AA:10:33:21:E0","sha256":"86:83:CE:6C:3D:5D:C7:F4:2D:EC:E0:D5:B2:DA:91:2E:2B:45:6B:0C:58:AB:4D:E9:BB:13:2F:55:01:04:83:AD"}}},"request":{"raw":"GET /ww/index/626.763cf3e5.js.%E4%B8%8B%E8%BC%89 HTTP/1.1\r\nHost: tktyshiioopre.sbs\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tktyshiioopre.sbs/ww/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 10 May 2025 20:32:24 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 1142590\r\nlast-modified: Wed, 30 Apr 2025 04:28:20 GMT\r\netag: \"6811a6e4-116f3e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1142590,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (65466)","md5":"5ac62c269b7b669c9f867ab68eac4c92","sha1":"addad8d9880677fbea42b5cf5a2107435e3aade1","sha256":"cdee316523aee1dd10583410e7f8b2d9ef975f8e3ccf09457503544216ac6abc","sha512":"6d164d9b15bbb64a8f30c9f4c39a4476387e1203ffc4575039135c72d020871481b57786a32d08e788cec03afacc1b0b057ed69c6dfb9a6703d9e7865c23db3f","ssdeep":"12288:buhg5GSmW3nT8deIi5AsOsmOszmfMrLPycG:Cy53hTCepTLyyaecG","tlshash":"f5353acd7295f06243e361b5502f240bb33a2a59784d8464f662e8e57cb994f923bf3c","first_seen":"2025-04-25T08:54:28.107919Z","last_seen":"2025-07-03T13:59:36.063345Z","times_seen":6,"resource_available":true,"data":null}},"time_used":572,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":302,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-10","alert":"Sinkholed","trigger":"tktyshiioopre.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mon.tiktokv.com/monitor_browser/collect/batch/?bid=tiktok_pns_web_runtime","fqdn":"mon.tiktokv.com","domain":"tiktokv.com","tld":"com"},"ip":{"addr":"95.101.10.26","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"https://tktyshiioopre.sbs/ww/","date":"2025-05-10T20:32:28.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokv.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 23 Dec 2024 00:00:00 GMT","end":"Mon, 22 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"AD:88:39:88:B9:9E:CC:54:4D:91:5E:EE:9F:AA:DC:83:45:3A:85:F7","sha256":"28:00:B2:F3:F2:BB:08:BF:CA:16:24:73:C1:AE:AD:B2:13:32:D2:D0:F3:F8:2F:62:F9:B4:55:2E:EA:02:D8:AD"}}},"request":{"raw":"OPTIONS /monitor_browser/collect/batch/?bid=tiktok_pns_web_runtime HTTP/1.1\r\nHost: mon.tiktokv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://tktyshiioopre.sbs/\r\nOrigin: https://tktyshiioopre.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nx-tt-logid: 202505102032272D72895F97FC9066BF2D\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV\r\naccess-control-allow-methods: POST, OPTIONS, GET\r\naccess-control-max-age: 600\r\ncross-origin-resource-policy: cross-origin\r\nx-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb69af4e863bae9c05892b6d281a81c3b102476b587d34b1604bcb1b7855d0226897c3286e9d951e5bae8fe84b572feb1c4d2ca396c0b17dcbad1af5973c001312f7f26ee90470ed35eeb854b8036bc2a0a\r\nx-tt-trace-id: 00-2505102032272D72895F97FC9066BF2D-4D5F186154ACB16E-00\r\nserver: TLB\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nexpires: -1\r\nx-origin-response-time: 12,23.35.17.137\r\nx-akamai-request-id: 8bee1b54.1ec599cf\r\ndate: Sat, 10 May 2025 20:32:28 GMT\r\nx-cache: TCP_MISS from a95-101-10-55.deploy.akamaitechnologies.com (AkamaiGHost/22.1.1.1-d05c6443fdf0ef1ad227a2aacc363f6e) (-)\r\nx-cache-remote: TCP_MISS from a23-35-17-137.deploy.akamaitechnologies.com (AkamaiGHost/22.1.1.1-d05c6443fdf0ef1ad227a2aacc363f6e) (-)\r\nx-parent-response-time: 107,95.101.10.55\r\nx-tt-trace-tag: id=16;cdn-cache=miss;type=dyn\r\nserver-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=12, inner; dur=2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":368,"timings":{"blocked":128,"dns":92,"connect":1,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}