{"report_id":"f1fa2fd6-bdac-419f-9b4d-b58f7fd5a421","version":6,"status":"done","tags":[],"date":"2025-12-26T00:30:34Z","url":{"schema":"http","addr":"m.dabaixiche.com/","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":0,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"final":{"url":{"schema":"https","addr":"m.dabaixiche.com/","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"title":"tokenim钱包官网下载-tokenim钱包最新下载(tokenim)官网-tokenim钱包app\\tokenim官方钱包下载|Ethereum \u0026Bitcoin Wallet","dom":{"size":146,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"b758902c11535f52e2e15005935a3c98","sha1":"18c95a57c3c2dac3a1d26d607dd9aa2a5784d5cb","sha256":"0a1ee78003e72494605ebb02da5e93a2e363d1103fabf54ff63f7ad1c5c75d12","sha512":"d741deb19a8dd72fd9279f02eb20a9ef7771d4c4c7010d78eee666a9798b53ba48bcc4d78d1d0ec1eef7f42cdd6ab68d7fb0d27b6bce80cf5e3784124484df75","ssdeep":"","tlshash":"2cc02b0c74636548dd03115017c33240c288c33f685ec011390d8583b3cb2bac4c33a5","dom_hash":"domhash18da208b3b39949e9ba09528a720f5c0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"m.dabaixiche.com/","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":0,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-30T00:30:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"m.dabaixiche.com","ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-12-26T00:30:34.901432Z","last_seen":"2025-12-26T00:30:34.901432Z","alert_count":112,"request_count":56,"received_data":1158418,"sent_data":31523,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"parallax.js","description":"Simple parallax scrolling effect.","website":"https://github.com/pixelcog/parallax.js","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"oudngmslhifnsf.gdmgcyy.com","ip":{"addr":"206.119.188.34","port":443,"asn":133199,"as":"SonderCloud Limited","country":"United States","country_code":"US"},"domain_registered":"2020-05-10","domain_rank":0,"first_seen":"2024-02-01T09:47:13Z","last_seen":"2025-12-23T08:59:26.48102Z","alert_count":0,"request_count":1,"received_data":1829,"sent_data":422,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.21.4.3","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"m.dabaixiche.com/","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"eval","is_inline":false,"md5":"a2c100e1f770b423370aa8ea8f49ac29","sha1":"8ba047b696b41d66c3b0c59331ec6cb2c7730a99","sha256":"b4e14d00e31aa995facc93ba9d57fa1930d0e0ba1c76c1442be059fc19600fee","sha512":"9bff3bda3aadc7bbb3e68666ed84e27f17a306d3860951184074ec4251482e6e99cafe239dcde054f502bcf6658ae095ea8a6f9711ca40fe44a8b32c9b590a3f","ssdeep":"","tlshash":"633110f17086902e8163566138696f9c793ca140eb168c7254dcb9b4e486eca6823f8c","size":1494,"data":"","first_seen":"2025-11-29T03:27:59.794919Z","last_seen":"2026-04-03T12:23:32.925074Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/waypoints/jquery.counterup.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"a93c83334ec316e024791d3bfd0ecc61","sha1":"828cf49badf0fccc53727ad2d9a73c3385e31890","sha256":"00d91b451b2d4b7dfa2371e70721fe6cd54fb59764eda50bb7e8fdbbbfb1d432","sha512":"790fe28ec5932ba2490e819719348de8f2f16eccc3a734555de6b0eec2c6c56b8f338b86e56bcce08d39b0b733541238925ffa61e4c6333dd3c98f7ddc8f3288","ssdeep":"","tlshash":"4b118cb97a0a298dba80f45df2efb0989036bdbc0c80984b92c55c401f95abc7b57730","size":1068,"data":"","first_seen":"2023-03-07T15:31:21Z","last_seen":"2026-04-02T07:25:18.53813Z","times_seen":214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/js/scripts.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"4129785c230f3d477ae35ba666e23604","sha1":"1f59310ec901781805e492af2faa82d2ba6e4675","sha256":"0de9f4928478b6afc27dc8d06675e07b1f015b129f5bca0822e99fc940820210","sha512":"fbccf9ccfbe63b13609058d49cbc433b88762963cd5de427e3aa009d34a255058fad1c2ff2a8f4858a4c6c63927430da32be42965a7e7e317572806e88c6ddc9","ssdeep":"192:C1d5juA6+S3971Lmua0M9bYllrFYtw5evAEP8AEPy:0juA6+kQmXL5yAEP8AEPy","tlshash":"773221587851006a1837f338ae3a5608fb6d021b82028a557dbd15d52f7036eb7edfde","size":11770,"data":"","first_seen":"2023-05-23T03:23:31Z","last_seen":"2026-03-27T01:46:08.245581Z","times_seen":354,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/Magnific-Popup/jquery.magnific-popup.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba6cf724c8bb1cf5b084e79ff230626e","sha1":"f455c5f153f872e52265f87a644ff89fe14a6fb6","sha256":"3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4","sha512":"22c361e44dde632dedaff2625f6631e2fb02ba3b6487097b48baa09f02cd81fd381ebb7d053f525e52e56655b1f8e2b89ddcc0a002e1b0c35c0a6920823641d7","ssdeep":"384:lPhVPXQ2G2XAQyqVxRQ5giCCMLtA15h5/F6l8aZwHwztLCpmst:lPBIt8I5h5t1qkOLCMst","tlshash":"bd921894f2b2b21383a735b8686f70093a729952ed06c855a55d94d87efcec89037f3c","size":20216,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-03T17:34:29.624563Z","times_seen":54423,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/js/menu.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"11523555d48b38ac0c755b91472b6e54","sha1":"00e1c7432fe7e9c9a040752ea2240ad8f2dfddbb","sha256":"72d17bd9918958ea5db273de0af388d3a26f9696739d0c4d2c38462dac595589","sha512":"29d6aa714ef5150f269ab5d007ab7482898d85acd1d1b8410b0551671eaf998de77294087eed27020450fe36ac82835e65d775b5b2eefaa5f4fdf1ca585f3d1b","ssdeep":"","tlshash":"1321e15e792059ec45af736311b783d151720e1d81448101f37121f56efe2a27ae3f4a","size":1319,"data":"","first_seen":"2023-03-12T20:22:28Z","last_seen":"2026-04-02T07:25:18.511396Z","times_seen":308,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/js/jquery-3.3.1.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-03T17:32:49.547416Z","times_seen":118014,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/parsley/parsley.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"f357718a12a1fabad8b4175d1d918d79","sha1":"5902d7f1cb923768ff4c623da0127df2bf9437ba","sha256":"7c735d70916116b38f3992f36d4bfbd883b4d981cf474b3596e7a7f6aac9c203","sha512":"99745b7bdf67e363fcf8ddc5566ab0d02d7d9659ab0a7e3921d386c651180511efa10c95f2178f4fcc09f0292fa5d724bb01b3e092fa3e79051a5cff9b9f7386","ssdeep":"768:MvpTN5353R+a0WsQ02dpjeyoOBvZsMNxFQfxihV3p9v9sJGDUZjEIJ:MD5p3R+a0WsQ06jQ2TV3p9v9sdjE0","tlshash":"4313c94eb29162524ea730f5183f7107b2778b28684d4068f0a9d5d7f8b8e869277f3d","size":43103,"data":"","first_seen":"2023-03-12T20:22:28Z","last_seen":"2026-04-02T07:25:18.536373Z","times_seen":218,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/parallax/parallax.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"97a318c5dd971ceb013b04ee3a5a9c00","sha1":"8fb86cc097c792f5cdd9c0e02c2be5bcc27ed510","sha256":"1aa4cad8b8c65ae062f64172ceb16f7eb02242cee0ec506f6a18390b650b98e3","sha512":"f0d5414b62d7c1558705e78353db5e7c3eb93663ccb7fde6852aed67d950d858cb3be4b74c986c97435445792c63a10347db7a0978035099bdec9bdf0cbc62fa","ssdeep":"192:d0KW9KgqL4+UaWCjVYTY2tPtt5uM+FjgpfMiXuwv8S/X8/VUVTJTsjNn1SV:mKVWCynJduMpfMAuwESP8/m3Ton1SV","tlshash":"627296d97322b421657b622721afc70e713175261980809cf538c8db6eb9d4a736ffb8","size":17313,"data":"","first_seen":"2023-03-07T01:14:42Z","last_seen":"2026-04-02T07:25:18.510827Z","times_seen":260,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oudngmslhifnsf.gdmgcyy.com/tja.js","fqdn":"oudngmslhifnsf.gdmgcyy.com","domain":"gdmgcyy.com","tld":"com"},"ip":{"addr":"206.119.188.34","port":443,"asn":133199,"as":"SonderCloud Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7fc934e6f6bbe8158806c8f1d375bbe7","sha1":"2cf2fd7ed5a9405af0e4366bc19b02dc527ccc76","sha256":"f5598ac6b2a832b0b35a705fa2fea04ac6080c9a33ef15bca2ef07e10f186906","sha512":"bdbfc25129e0b69ccd72c7615bea28242bf0fd245d9a29814e5f3e354e803ce820d42f56e6caee39a5560eeab9283c4fb20bf648401fe9c510e9f780ffa61861","ssdeep":"","tlshash":"a1316278374b04a23367f612140b100d63b8d3854b6f08a0e3a475967df6948d49bfbe","size":1538,"data":"","first_seen":"2025-11-29T03:27:59.737284Z","last_seen":"2026-04-03T12:23:32.913956Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/owl-carousel/owl.carousel.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"f416f9031fef25ae25ba9756e3eb6978","sha1":"e2a600e433df72b4cfde93d7880e3114917a3cbe","sha256":"a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d","sha512":"6cfb3b01eea956f84e4a221cc940a547bfead8e02c462a2fc38bc0917fb325bc374a101e7aa7b3ab9d11208708511abb39adb4ad6da7daaf9fc9704d714f65af","ssdeep":"768:UCI7dmuMFAAJG4dlQKNORpnXGAtep2lcwJeL+wr2RSGc7UuHjRUQuFBt33:PITMFC4dbMVRSGcgRDV","tlshash":"e7137346b3202d2a869b61a0663f160bb23a241ce414547d7d79e6de6d7dc8c213ffbc","size":44342,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-03T17:02:35.976807Z","times_seen":48056,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/iau328rrdigieikf.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"b4fabdb53b93e0ff03152db7e813329f","sha1":"aa1e55c6090d81c373bb7f670cf62faf94a5bf6a","sha256":"b0282d487acb28832604a24cedfb2611ab170396d85c4d6160140338a44f5771","sha512":"de79a1f1fc14759e01474946b5501153eb1c0efd3e897353587044ad65a13c3c1acc23059c2da7ed496e2b48b659188e8975ec3a12005bd76cd000228f18a182","ssdeep":"","tlshash":"5be0c0e4359274ca430ab8d1043bd00ae2f65649bcaf51f4f908710d795578c529f699","size":362,"data":"","first_seen":"2025-02-08T17:04:51.840248Z","last_seen":"2026-03-06T11:57:21.999994Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/waypoints/jquery.waypoints.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d05f92297dede9ecfe3706efb95677a","sha1":"56bdb149d9baf64474a4c24ae66445769a28254e","sha256":"368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c","sha512":"df25e4c654002bf66cbaea0917976f75afd9e16cb22d995f371de879d83d9334391bf9e921718995664da8fdd643239210205841fda0ac691b751693d505c759","ssdeep":"192:mEBzxsMCm1nJDl6hj8E3aPEGnvfiaaLkYluY4pLyUcDWZPeGz+nrFr:mEFoWJDlC8eaPZnvGLkYluYTUcEPeGzs","tlshash":"55126189750134221bdf50fad91f474ab337582ca80680bdb4c8d4ed29f152d676bfba","size":9028,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T16:19:10.389775Z","times_seen":12983,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/js/bootstrap.bundle.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef58fee438cd2da2c3b33ff6f1cfeebf","sha1":"41a4836fc0253324e7e583905f47ba7194bac91d","sha256":"13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e","sha512":"53ce49ab8ecaba729e823bfa8153009d0c2d423a2f757cff0d03af428c6b0fa8f76867c30dba7900026e39d9d0c75b1e7ccf740fd28129242464647986b2dbb6","ssdeep":"1536:EwGC7pXnzlEHnMX6T50OpPX8EyPoWQ8Bbe:UezMMX69JPtyPoJ","tlshash":"c163c64a3250b4b202dfa177903f460bb737689da50a811cb95da8ed2d7cd993267f3c","size":70966,"data":"","first_seen":"2023-03-07T01:07:38Z","last_seen":"2026-04-03T12:38:31.720981Z","times_seen":2608,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/js/custom.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"36fef3c339ce62b6db391c0224563d1b","sha1":"6495ccd5dedea8c075c12346a3135fb8057667a7","sha256":"ba393265d46394a131f7c8e738a6b5227b5428ac3198a97278220015f6ca0f9f","sha512":"b42781d4d9a5fe41d154c1c4cb3549f9abc52a9a3d9d194dc5a999082780ae248d1bb7cb0016ef635e6abef3097adcf35af125c661e723d92e8963eeaf153635","ssdeep":"","tlshash":"64d0120c06b2246905361d48304e1c3b762f8d3382c2a6a3f02c00881e59304f380485","size":254,"data":"","first_seen":"2023-03-13T04:45:01Z","last_seen":"2026-03-27T01:46:08.240662Z","times_seen":146,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"introduction_type":"eval","is_inline":false,"md5":"5bcd1fd86f5e6e028374e108ac2a5295","sha1":"1e75df98e8f073235317b79c870f123d0d032e1a","sha256":"8e89eccac1adef45f1ce55fca42ada006257ce5ae0e1df817510a5eeb70047d3","sha512":"2ea857ab4a5271bb02d0ff6131cb4721c02380209dbd8ed810df4c96f5d251f2e74d16a9b6e8594cfcf1153e7285437874494735dc171dc6a5109088dd3250c0","ssdeep":"","tlshash":"33b012426e1991406a0558840531e5cc30748829ad90e512004940000061ad80c42d40","size":88,"data":"","first_seen":"2024-02-01T10:47:46Z","last_seen":"2026-04-03T12:23:32.926314Z","times_seen":168,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"a19c6ace26811efdef48d7c7c0dbd6ee","sha1":"08fa6e7e9b2efe1acccce1e152364ab760aca633","sha256":"5c0e2b883d3607913acf5c34b2c77df71aa2005dc20e19ab2b9cdd9977b27c4f","sha512":"84be61df9e480c1bff2cbec0ace4cf2bfada014a9af03d83cf13514abbc72fd5282612eff7fbbd920a101da6d6b31568977e9ca101284c9c99e01ba7dc62ab9f","ssdeep":"","tlshash":"6ea0025bed1ad5949a00ecc84536f58c6021994e6de4e96749ac41045a62aed0852980","size":65,"data":"","first_seen":"2024-02-01T10:47:46Z","last_seen":"2026-04-03T12:23:32.929334Z","times_seen":167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/ma.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/ma.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 28 Jan 2021 06:19:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60125776-685\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1669,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 260, 8-bit/color RGB, non-interlaced","md5":"33c178469ce5b4d38122d1c51678fe1f","sha1":"c5014af188946a04fd4201f22c1aafe717e2c596","sha256":"c63fc8fc83eb62d7cd1c3d8c1a5ab2e712ef118a7bc2451081db95f5cb38fc7a","sha512":"c2db0c027bc258cc2b483ca666f13110894fbad2dd2723c9fedc9f6fc7d5e38473042147b903439a92f2f3901290e98b9737297908258384cf6ac2eb3841c4d0","ssdeep":"","tlshash":"da31fe468d0f44d97c423d5ddabd96683f7785dec541fa38d01148322c70cd2aaaa899","first_seen":"2023-05-19T20:31:47Z","last_seen":"2026-03-27T01:46:08.256663Z","times_seen":73,"resource_available":false,"data":null}},"time_used":1110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/Magnific-Popup/jquery.magnific-popup.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/plugins/Magnific-Popup/jquery.magnific-popup.min.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-4ef8\"\r\nexpires: Fri, 26 Dec 2025 12:30:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20216,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20087)","md5":"ba6cf724c8bb1cf5b084e79ff230626e","sha1":"f455c5f153f872e52265f87a644ff89fe14a6fb6","sha256":"3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4","sha512":"22c361e44dde632dedaff2625f6631e2fb02ba3b6487097b48baa09f02cd81fd381ebb7d053f525e52e56655b1f8e2b89ddcc0a002e1b0c35c0a6920823641d7","ssdeep":"384:lPhVPXQ2G2XAQyqVxRQ5giCCMLtA15h5/F6l8aZwHwztLCpmst:lPBIt8I5h5t1qkOLCMst","tlshash":"bd921894f2b2b21383a735b8686f70093a729952ed06c855a55d94d87efcec89037f3c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-03T17:34:29.624563Z","times_seen":54423,"resource_available":true,"data":null}},"time_used":1105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/planning.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/planning.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/xml, text/xml, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-f7b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3963,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b052e28944b2ea5d8d101a0f793caadf","sha1":"187bad20f52c12bc959476714e2dc53b30caad28","sha256":"7b4a83c63a1a45ba71c4b9a6f0e800d66126f02025e27b56321f93d47c0156e7","sha512":"a998260317ccbb9c634da80aa5908846587cb404d35fb6142e85b9ffe144c8badcb86f6833f3d6bbcfb24a4ef269555836050da04854207866f995efe5bd4c1f","ssdeep":"","tlshash":"7e81d19132ad2d4f813036b1c67a47aaaa126a947f35f384bb4b307f31050d17dd5f1a","first_seen":"2023-08-13T21:19:22Z","last_seen":"2026-03-27T01:46:08.224435Z","times_seen":117,"resource_available":false,"data":null}},"time_used":3064,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3064,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/banner/shaps1.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/banner/shaps1.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 696\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\netag: \"5d714648-2b8\"\r\nexpires: Sun, 25 Jan 2026 00:30:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":696,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 39 x 39, 8-bit colormap, non-interlaced","md5":"d8584e2b2eea3108db27361cdc286e06","sha1":"7de5610d6232d61c31a0b27d78f5fc33af69699f","sha256":"160abe9fa3f8c4822c0c27815a45d0d5d4b5ed3952303c73ddc11f94210e0fea","sha512":"c0ac7c21832f5b70106b7f4290381a3b4c6e9d017d9e5443a3b24789ec86bd0b3e225a2bda6c411b7d1152ed2ebe4f30991b4c20ef8ce514118190f17a383bcb","ssdeep":"","tlshash":"830123b32fc0aaf5c14d10b747269d975e7a44eb501170adf619f82d4c7234999e33a1","first_seen":"2023-05-20T20:07:45Z","last_seen":"2026-03-27T01:46:08.256043Z","times_seen":224,"resource_available":false,"data":null}},"time_used":677,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":677,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/css/bootstrap.min.css","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/css/bootstrap.min.css HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:10 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-22688\"\r\nexpires: Fri, 26 Dec 2025 12:30:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":140936,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65324)","md5":"04aca1f4cd3ec3c05a75a879f3be75a3","sha1":"675fcf28f9fbf37139d3b2c0b676f96f601a4203","sha256":"7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11","sha512":"890415fa75ed065992dd7883aed98bfbdfd9fa26eec7e62ea30263238adca4eecd6204f37d33a214d9b4f645ad7d9cc407d7d0e93c0e55cf251555a8a05b83ff","ssdeep":"1536:un1QWSUPBT+QYYDnDEBi82NcuSEz/NvT/gIENM6HN26e:q1L7PDxYIENM6HN26e","tlshash":"bdd373a7f5a0312da467c61864d0bafe156f8285d7221ffaf42737644b895cb0a73e0c","first_seen":"2023-04-05T03:23:19Z","last_seen":"2026-04-03T16:14:52.616402Z","times_seen":19458,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":457,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/parsley/parsley.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/plugins/parsley/parsley.min.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-a85f\"\r\nexpires: Fri, 26 Dec 2025 12:30:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43103,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32005), with CRLF line terminators","md5":"f357718a12a1fabad8b4175d1d918d79","sha1":"5902d7f1cb923768ff4c623da0127df2bf9437ba","sha256":"7c735d70916116b38f3992f36d4bfbd883b4d981cf474b3596e7a7f6aac9c203","sha512":"99745b7bdf67e363fcf8ddc5566ab0d02d7d9659ab0a7e3921d386c651180511efa10c95f2178f4fcc09f0292fa5d724bb01b3e092fa3e79051a5cff9b9f7386","ssdeep":"768:MvpTN5353R+a0WsQ02dpjeyoOBvZsMNxFQfxihV3p9v9sJGDUZjEIJ:MD5p3R+a0WsQ06jQ2TV3p9v9sdjE0","tlshash":"4313c94eb29162524ea730f5183f7107b2778b28684d4068f0a9d5d7f8b8e869277f3d","first_seen":"2023-03-12T20:22:28Z","last_seen":"2026-04-02T07:25:18.536373Z","times_seen":218,"resource_available":true,"data":null}},"time_used":1108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/banner/shaps4.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/banner/shaps4.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-44f\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1103,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 40, 8-bit colormap, non-interlaced","md5":"7e504ba9800440f3708b1823b546c9cf","sha1":"312784b5910aa407abfb3bbbb988717776556d91","sha256":"34dc3136ec79a2fc2636c2383082a04ab7747cc5ec9375553b2d83c31f713153","sha512":"bb339474164b65fc9b53604ced0c68c6d478e3d846736d3022695028df090948d11937b1a378c9910ae623c66c182c8a2128245dcc3871535942c5bb104b6ae2","ssdeep":"","tlshash":"ad119692ac096194ce26721fdad79153581f1818d702cf87be980844f8b33dc69ca14f","first_seen":"2023-05-20T20:07:45Z","last_seen":"2026-03-27T01:46:08.221989Z","times_seen":221,"resource_available":false,"data":null}},"time_used":676,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":676,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/feature/app-img3.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/feature/app-img3.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-d78f\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55183,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 278 x 471, 8-bit/color RGBA, non-interlaced","md5":"f70c04994fceaff51f1447c75d1b7290","sha1":"a00204bd5712948752e65f1afda17abcc362e4d1","sha256":"71cf845b9320964ba91eccda2fd6136ccf48e52ad8efed0c90026f7899e58c3c","sha512":"3d2b77fbd4190c3fe717e7ea4ac85f5170d286d92b9acf4a8615db478cd2bd01e69c3e55c0aeb0fc7b8fc4652910ce8ea83977687d88dedb8bf7ac13b795f41b","ssdeep":"1536:q/oaTh0/mTNJ+wUt/fbqwZkeU3T6atGee7GKYO:tCh2mTNkV/fbTkew/t1ep","tlshash":"1743f14499d1056fcd9bc280b7e7e2b9e35b50ac9d430031238eeeb6af475a08ed78d5","first_seen":"2024-08-19T23:35:14.0856Z","last_seen":"2026-03-27T01:46:08.252217Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/feature/app-img5.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/feature/app-img5.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-403d\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16445,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 278 x 471, 8-bit/color RGBA, non-interlaced","md5":"bfa3e31c58c9f86bba28e76a9cf70f55","sha1":"47c8c40a7e48a3cef53dfe4624947631eb6e799d","sha256":"540514c17da2d2ae16c7abf2a89d611f5fb91f4e9fec0593134053f0ca155b11","sha512":"22723e8f587eef58ec8154780c722a99f216ab26018e284c077c379b0d3e803e6620f24ab5012279174a1dfa38677ada6dbaa2bac0c479722a76826c1d8cbf90","ssdeep":"384:fj7SygXvf4/Esn9tI+Y1U7GBYtLjU2SwVvQxF8LarGrjUOknrnLs2:fjCXvfuVI+Y1yljUwVY4urcyLj","tlshash":"c1728e8c0fc3528f849ef55434ae72c87112e71289bc718e491e7f705e534997667937","first_seen":"2024-08-19T23:35:14.083268Z","last_seen":"2026-03-27T01:46:08.252741Z","times_seen":64,"resource_available":false,"data":null}},"time_used":1113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/js/jquery-3.3.1.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/js/jquery-3.3.1.min.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-1538f\"\r\nexpires: Fri, 26 Dec 2025 12:30:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86927,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-03T17:32:49.547416Z","times_seen":118014,"resource_available":true,"data":null}},"time_used":1110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/project-management.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/project-management.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/xml, text/xml, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-1c6b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7275,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"aa24918d36e78a1a8fb2ffc7644d7595","sha1":"c8d2cfb6f2ea7cedb117438983ada046da9308c5","sha256":"87dcbe7e133546fbef81f6774fd696143384c965147b3304d86a6bcfa246f117","sha512":"edc305cc9b46ec38011d496242a9fde37647faea337b5cf813050e699798d8f35da747ffc1b5fc50e5e21f374e24d2f3c78176d8e80ecca85f79eff79c7d2669","ssdeep":"192:HoNL2mKPOJ+w2Tp2+DoNvN7NHPNDnHNTn7OpDBNKPvcVFKe8MI0re46w:HoN6mGOJWTprDoN5NvXvKLKMVFKe8MJr","tlshash":"fee195c0732d9afd65942b78c53114943ba9eaaa3f31c554e35f2d337916a82d0dcd38","first_seen":"2023-08-13T21:19:22Z","last_seen":"2026-03-27T01:46:08.233866Z","times_seen":120,"resource_available":false,"data":null}},"time_used":3053,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3053,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/favicon.ico","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:19.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:19 GMT\r\ncontent-type: text/html\r\ncontent-length: 148\r\netag: \"66d07e4e-94\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":148,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"630e1f9fef1a483fe84154e2d0d046df","sha1":"f10e0cf39fb920a438116caaea80a71e0dcdc162","sha256":"9cad3cff676946810a81047247f12e4e51faccc01df4134edfd871aee8ba0956","sha512":"33f8257b60c25704f0856806337c13e8afe964c5b075d80f15abd87ffa59ff0329f12de0c4b5978d4640d5b70c0a997c0c239f422d4da5bbdcb3727c281cfcda","ssdeep":"","tlshash":"1ac02b0d346366448a03001023c33240d086833f78da8010380ec083f3cf39ac4c73ae","first_seen":"2024-07-21T17:05:04Z","last_seen":"2026-04-03T17:06:06.780012Z","times_seen":14519,"resource_available":true,"data":null}},"time_used":10540,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10539,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/footer-bg.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/footer-bg.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-2444\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9284,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1894 x 525, 8-bit/color RGBA, non-interlaced","md5":"d6fd5e4f2ad55d93d0558fc4f80e820d","sha1":"f72d3b81f8bfdc7febc41634ed7f9d70aee55bf8","sha256":"4568baa259cdeac5c1201984a61238c583e618a2fea2434ff10f3f238272f6c9","sha512":"347b03f94908b8b3da030a6b8c1ef279c58fff68a095468b7f713d6dc626051390a5a1f055cab72cf1a3cdd523378ceb3b897254fb2c3e3bca2da9a3d0b639ef","ssdeep":"192:G9fSsQyTzJmwSB+n5Kotlddddddddddddddddddddddddddddddddddddddddddy:G9fSsQmdNK08","tlshash":"b612aa3eae080e95e0215df35daf4d443bf61a8dd18d2bb2f7ac04229cdb66cd514d90","first_seen":"2023-05-20T20:07:45Z","last_seen":"2026-04-02T07:25:18.539267Z","times_seen":524,"resource_available":false,"data":null}},"time_used":1112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/js/menu.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/js/menu.min.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-527\"\r\nexpires: Fri, 26 Dec 2025 12:30:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1319,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1319), with no line terminators","md5":"11523555d48b38ac0c755b91472b6e54","sha1":"00e1c7432fe7e9c9a040752ea2240ad8f2dfddbb","sha256":"72d17bd9918958ea5db273de0af388d3a26f9696739d0c4d2c38462dac595589","sha512":"29d6aa714ef5150f269ab5d007ab7482898d85acd1d1b8410b0551671eaf998de77294087eed27020450fe36ac82835e65d775b5b2eefaa5f4fdf1ca585f3d1b","ssdeep":"","tlshash":"1321e15e792059ec45af736311b783d151720e1d81448101f37121f56efe2a27ae3f4a","first_seen":"2023-03-12T20:22:28Z","last_seen":"2026-04-02T07:25:18.511396Z","times_seen":308,"resource_available":true,"data":null}},"time_used":1106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/js/custom.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/js/custom.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 254\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\netag: \"5d714648-fe\"\r\nexpires: Fri, 26 Dec 2025 12:30:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":254,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"36fef3c339ce62b6db391c0224563d1b","sha1":"6495ccd5dedea8c075c12346a3135fb8057667a7","sha256":"ba393265d46394a131f7c8e738a6b5227b5428ac3198a97278220015f6ca0f9f","sha512":"b42781d4d9a5fe41d154c1c4cb3549f9abc52a9a3d9d194dc5a999082780ae248d1bb7cb0016ef635e6abef3097adcf35af125c661e723d92e8963eeaf153635","ssdeep":"","tlshash":"64d0120c06b2246905361d48304e1c3b762f8d3382c2a6a3f02c00881e59304f380485","first_seen":"2023-03-13T04:45:01Z","last_seen":"2026-03-27T01:46:08.240662Z","times_seen":146,"resource_available":true,"data":null}},"time_used":1780,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1104,"receive":676,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/solution.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/solution.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/xml, text/xml, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-12bb\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4795,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a5b4cca45e96fc86f90d1cf49cecf2c4","sha1":"fb685fedfb857509aca7cd5e6b85d1a0dd8f9ace","sha256":"477b1163b7b2dc4231c425cd2bb67cb10f5a7956f6461357733ca981b6771b4c","sha512":"699cab18dbf5ae2ee9e7de9ec39ac374002b3fbbfc236fe2428db6e7d1ed790914370f77bf6df9a64928291c9bcbcb7ccfe90d5e5480d878e4593fc8031e5b35","ssdeep":"96:knQfATfcZslS0eoonnWaRWq+fEzxu/QSF5I8L/zk//AHNy+kPLltgIRHrboY2:HAc0W0qbzxuXW4zkAHsp7PboF","tlshash":"eca163917329b8bc156026b9c93026a63abf675c3e30e610a3afe91b34059c7d1ccf21","first_seen":"2023-07-26T22:20:52Z","last_seen":"2026-03-27T01:46:08.231657Z","times_seen":117,"resource_available":false,"data":null}},"time_used":3067,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3067,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/parallax/parallax.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/plugins/parallax/parallax.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-43a1\"\r\nexpires: Fri, 26 Dec 2025 12:30:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17313,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (17272)","md5":"97a318c5dd971ceb013b04ee3a5a9c00","sha1":"8fb86cc097c792f5cdd9c0e02c2be5bcc27ed510","sha256":"1aa4cad8b8c65ae062f64172ceb16f7eb02242cee0ec506f6a18390b650b98e3","sha512":"f0d5414b62d7c1558705e78353db5e7c3eb93663ccb7fde6852aed67d950d858cb3be4b74c986c97435445792c63a10347db7a0978035099bdec9bdf0cbc62fa","ssdeep":"192:d0KW9KgqL4+UaWCjVYTY2tPtt5uM+FjgpfMiXuwv8S/X8/VUVTJTsjNn1SV:mKVWCynJduMpfMAuwESP8/m3Ton1SV","tlshash":"627296d97322b421657b622721afc70e713175261980809cf538c8db6eb9d4a736ffb8","first_seen":"2023-03-07T01:14:42Z","last_seen":"2026-04-02T07:25:18.510827Z","times_seen":260,"resource_available":true,"data":null}},"time_used":1108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/solution1.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/solution1.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/xml, text/xml, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-efa\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3834,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b8effd7f75199cdf0c3769c0eec407d5","sha1":"0bcf99bd96062b25a3a35ca9fde64718cf1a336f","sha256":"025b585d788d8cf3a09131d65707d17c381693e21edd90722f1f7b4dc3bbba6a","sha512":"53f098926adf19e1d737f5552ea33f36d5efafbfa2378e96f75c210fa142303ec1795a822d7dae455c45c4543b365850d3878afa54200bd478c20c5934b0aee5","ssdeep":"","tlshash":"fd81dbd0b10e5eae8ce09571c17424e93bbe8f925a31f110bf4fb92bf8094d194e469e","first_seen":"2023-11-03T10:55:59Z","last_seen":"2026-03-27T01:46:08.232238Z","times_seen":111,"resource_available":false,"data":null}},"time_used":3045,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3045,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/banner/shaps7.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/banner/shaps7.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-41e\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1054,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 39, 8-bit colormap, non-interlaced","md5":"aa0a60ebdbd4a492b2b87f67135a6df7","sha1":"500bb9beefda04c0f6ff8bf271342b5736b452b4","sha256":"a737ca7079b2737eac3ea2204e7e95c789844dceddcaf7907a07361f32e3cf78","sha512":"4c1f6971d66234c06874c706a0d175c03c22246d3b6f3a64c626f16958c75f85ad7757af31e2fb7e18f2d63668436c713fb34bddabce5d142408cdfa621fc53c","ssdeep":"","tlshash":"3e11a5e8e6b4579ee15ea27911a7178231731a8b16bce3566774d8460830a8415f1833","first_seen":"2023-05-20T20:07:45Z","last_seen":"2026-03-27T01:46:08.242461Z","times_seen":219,"resource_available":false,"data":null}},"time_used":675,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":675,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/css/style.css","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/css/style.css HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:10 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 16 Nov 2023 07:32:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6555c57e-e9ed\"\r\nexpires: Fri, 26 Dec 2025 12:30:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59885,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"638c3ecb46ff56509c0e6bfcfae74746","sha1":"fbdc82ad8441a59eb150ae72d30678cb2ebe65d1","sha256":"cb8ede7dc42ecbd10da1b4a4079357ea138f36947165f25dc57a942e5f18880c","sha512":"5b0b2bbc92f6aa6211e28fcd09f8c2bea0c6041abbd7b2958a903c1b5dc7cb882a5c0a26a248fe16fb36a40924846a57c472c8b84514d23e9ee9c66eafb843da","ssdeep":"1536:DZSm6YDkjluHkJjLV/LY+4Z0wYLk+EnSwsLd:Em6YDkjluwjLVN","tlshash":"32438655aaa31840751785b89bef9b24336c6053a00eedbcbb8d214ccfc57d8a1a7b4d","first_seen":"2025-04-22T12:02:10.25473Z","last_seen":"2026-03-27T01:46:08.23303Z","times_seen":58,"resource_available":false,"data":null}},"time_used":680,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":680,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/images/defaultpic.gif","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /images/defaultpic.gif HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/gif\r\nlast-modified: Mon, 22 Apr 2024 15:40:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"662684e6-2c9a\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11418,"size_decoded":0,"mime_type":"image/gif","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Generated by Snipaste\", baseline, precision 8, 473x315, components 3","md5":"35232f9d4f79c2e21f4553f25f0aa744","sha1":"88961df6bd4dc87648fdeb6c70dd603616b7f642","sha256":"1e27110c056860a8df66dc21b84e6c79b43d4a508cb7222e6081d78379d49934","sha512":"f0e39dbb4be8dadced75df70d941bf22d8c92b9c39dbb6810a5cdc3eac75a95030645865bb9b047fd10525947500ab7bf32ed6137840243ea91ba3067d2dd9a5","ssdeep":"192:XQaEsCc944sDBO2Opb3BC+4LHRP8+SbauCSkm6HCw8PjUvsaXPnAvbf5L:XQaEsJ91qUp934+4L2T+uPkm6p8bUvLc","tlshash":"eb325bb9eb4276c60f97a546f02c1f7386ed42c8b5c05c16c892bc689189369e31b69e","first_seen":"2024-02-01T10:47:46Z","last_seen":"2025-12-28T06:33:27.472534Z","times_seen":23,"resource_available":false,"data":null}},"time_used":1112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/waypoints/jquery.waypoints.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/plugins/waypoints/jquery.waypoints.min.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-2344\"\r\nexpires: Fri, 26 Dec 2025 12:30:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9028,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8863)","md5":"7d05f92297dede9ecfe3706efb95677a","sha1":"56bdb149d9baf64474a4c24ae66445769a28254e","sha256":"368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c","sha512":"df25e4c654002bf66cbaea0917976f75afd9e16cb22d995f371de879d83d9334391bf9e921718995664da8fdd643239210205841fda0ac691b751693d505c759","ssdeep":"192:mEBzxsMCm1nJDl6hj8E3aPEGnvfiaaLkYluY4pLyUcDWZPeGz+nrFr:mEFoWJDlC8eaPZnvGLkYluYTUcEPeGzs","tlshash":"55126189750134221bdf50fad91f474ab337582ca80680bdb4c8d4ed29f152d676bfba","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T16:19:10.389775Z","times_seen":12983,"resource_available":true,"data":null}},"time_used":1109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/owl-carousel/owl.carousel.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/plugins/owl-carousel/owl.carousel.min.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-ad36\"\r\nexpires: Fri, 26 Dec 2025 12:30:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44342,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31997)","md5":"f416f9031fef25ae25ba9756e3eb6978","sha1":"e2a600e433df72b4cfde93d7880e3114917a3cbe","sha256":"a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d","sha512":"6cfb3b01eea956f84e4a221cc940a547bfead8e02c462a2fc38bc0917fb325bc374a101e7aa7b3ab9d11208708511abb39adb4ad6da7daaf9fc9704d714f65af","ssdeep":"768:UCI7dmuMFAAJG4dlQKNORpnXGAtep2lcwJeL+wr2RSGc7UuHjRUQuFBt33:PITMFC4dbMVRSGcgRDV","tlshash":"e7137346b3202d2a869b61a0663f160bb23a241ce414547d7d79e6de6d7dc8c213ffbc","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-03T17:02:35.976807Z","times_seen":48056,"resource_available":true,"data":null}},"time_used":1107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/waypoints/jquery.counterup.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/plugins/waypoints/jquery.counterup.min.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-42c\"\r\nexpires: Fri, 26 Dec 2025 12:30:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1068,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (918)","md5":"a93c83334ec316e024791d3bfd0ecc61","sha1":"828cf49badf0fccc53727ad2d9a73c3385e31890","sha256":"00d91b451b2d4b7dfa2371e70721fe6cd54fb59764eda50bb7e8fdbbbfb1d432","sha512":"790fe28ec5932ba2490e819719348de8f2f16eccc3a734555de6b0eec2c6c56b8f338b86e56bcce08d39b0b733541238925ffa61e4c6333dd3c98f7ddc8f3288","ssdeep":"","tlshash":"4b118cb97a0a298dba80f45df2efb0989036bdbc0c80984b92c55c401f95abc7b57730","first_seen":"2023-03-07T15:31:21Z","last_seen":"2026-04-02T07:25:18.53813Z","times_seen":214,"resource_available":true,"data":null}},"time_used":1105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/owl-carousel/owl.carousel.min.css","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/plugins/owl-carousel/owl.carousel.min.css HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:10 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-d18\"\r\nexpires: Fri, 26 Dec 2025 12:30:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3352,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3185)","md5":"d964cdd4d9e85b8c1185a92bae34b049","sha1":"a0e2d64bcbb108f0415f364df5b6fabb8a290365","sha256":"aa7e59e6ec8871088cfeb47bac59a6475c815357deef042c61a5c3c965390546","sha512":"acc8bae151fb7542dd53d2a3ecacc9cf09e18109958970dd56d8b1cd2643811f9d5dfdf8499b5cf74e8cfdc6ad85e6be6d9cddea68670a368280576e9c093a13","ssdeep":"","tlshash":"c061bbe5314a265f480f83221dd81e86393dcc52d8660a5a92bbd71447dae6d213ffcf","first_seen":"2023-04-06T17:45:15Z","last_seen":"2026-04-03T07:28:42.000231Z","times_seen":1646,"resource_available":false,"data":null}},"time_used":681,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":681,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/solution.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/solution.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-12bb\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4795,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a5b4cca45e96fc86f90d1cf49cecf2c4","sha1":"fb685fedfb857509aca7cd5e6b85d1a0dd8f9ace","sha256":"477b1163b7b2dc4231c425cd2bb67cb10f5a7956f6461357733ca981b6771b4c","sha512":"699cab18dbf5ae2ee9e7de9ec39ac374002b3fbbfc236fe2428db6e7d1ed790914370f77bf6df9a64928291c9bcbcb7ccfe90d5e5480d878e4593fc8031e5b35","ssdeep":"96:knQfATfcZslS0eoonnWaRWq+fEzxu/QSF5I8L/zk//AHNy+kPLltgIRHrboY2:HAc0W0qbzxuXW4zkAHsp7PboF","tlshash":"eca163917329b8bc156026b9c93026a63abf675c3e30e610a3afe91b34059c7d1ccf21","first_seen":"2023-07-26T22:20:52Z","last_seen":"2026-03-27T01:46:08.231657Z","times_seen":117,"resource_available":false,"data":null}},"time_used":1118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/js/scripts.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/js/scripts.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-2dfa\"\r\nexpires: Fri, 26 Dec 2025 12:30:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11770,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"4129785c230f3d477ae35ba666e23604","sha1":"1f59310ec901781805e492af2faa82d2ba6e4675","sha256":"0de9f4928478b6afc27dc8d06675e07b1f015b129f5bca0822e99fc940820210","sha512":"fbccf9ccfbe63b13609058d49cbc433b88762963cd5de427e3aa009d34a255058fad1c2ff2a8f4858a4c6c63927430da32be42965a7e7e317572806e88c6ddc9","ssdeep":"192:C1d5juA6+S3971Lmua0M9bYllrFYtw5evAEP8AEPy:0juA6+kQmXL5yAEP8AEPy","tlshash":"773221587851006a1837f338ae3a5608fb6d021b82028a557dbd15d52f7036eb7edfde","first_seen":"2023-05-23T03:23:31Z","last_seen":"2026-03-27T01:46:08.245581Z","times_seen":354,"resource_available":true,"data":null}},"time_used":1104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/iau328rrdigieikf.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /iau328rrdigieikf.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:10 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 362\r\nlast-modified: Mon, 26 Aug 2024 14:18:43 GMT\r\netag: \"66cc8ec3-16a\"\r\nexpires: Fri, 26 Dec 2025 12:30:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":362,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (362), with no line terminators","md5":"b4fabdb53b93e0ff03152db7e813329f","sha1":"aa1e55c6090d81c373bb7f670cf62faf94a5bf6a","sha256":"b0282d487acb28832604a24cedfb2611ab170396d85c4d6160140338a44f5771","sha512":"de79a1f1fc14759e01474946b5501153eb1c0efd3e897353587044ad65a13c3c1acc23059c2da7ed496e2b48b659188e8975ec3a12005bd76cd000228f18a182","ssdeep":"","tlshash":"5be0c0e4359274ca430ab8d1043bd00ae2f65649bcaf51f4f908710d795578c529f699","first_seen":"2025-02-08T17:04:51.840248Z","last_seen":"2026-03-06T11:57:21.999994Z","times_seen":44,"resource_available":true,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":678,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/teamwork.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/teamwork.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-14bc\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5308,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2ed656f0809f8e3157f38f6972f30767","sha1":"33b71766f6f5173981ab0fae4ee9a9401fb12f9c","sha256":"21915828db1ff28a7e022615c70979e47a8873c92cc04ac8c5e84574771ea64a","sha512":"8273b89198a59c2ec161f9133d4988e60a4e051a5e49f02367cac39e39e0aba12db39fcecf43576b0b4f289e96bd1c36654bb357b26211cfff2367f895c7e6a4","ssdeep":"96:knQfIBJ4sfN/l3H57oN0kfMtHa0+93VTPjEDKcUUVPGz/igia4w13H/6ItIxuV3h:HIBJl/ZZ7O0jHa0+93VTPeK3UVPK/igB","tlshash":"99b1c8c263ad8eaed46027b5c6701968367be9657d30e3c4e30b256b354f68198ecfc4","first_seen":"2023-10-23T17:41:35Z","last_seen":"2026-03-27T01:46:08.234679Z","times_seen":116,"resource_available":false,"data":null}},"time_used":1117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/feature/mockup.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/feature/mockup.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/style/css/style.css\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-1634\"\r\nexpires: Sun, 25 Jan 2026 00:30:12 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5684,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 450 x 770, 8-bit colormap, non-interlaced","md5":"544ce2c06d1a5a908a0fe996e82c4e6b","sha1":"08b55b6baf52309db5551caeeeeea7a978600221","sha256":"13cb21d2c2a3219cf5f128b6e1b3d594b8353b293228a93013ca7f39effdcf54","sha512":"f401b07619d9974364275bf7a0ea1ff4d5720281fbcdc21a3939620a0a9c0baed3cdc74579636f00c450b76a99758e97f6d9afb1f3441c40ef6a65cbca39336b","ssdeep":"96:4J3pMvSJ3peBB4S69rjoB8QB9pLy8mz2G9RaWs8cI8:4J5TpsB4nQBxB91tU28RaWp8","tlshash":"bfc15a9bc38cb49ed928947410c31430ebee1dce903a5c02ba791dabc4842b57533799","first_seen":"2023-08-13T21:19:22Z","last_seen":"2026-03-27T01:46:08.239016Z","times_seen":74,"resource_available":false,"data":null}},"time_used":3204,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/css/responsive.css","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/css/responsive.css HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:10 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 06 Sep 2021 05:32:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6135a7e4-4f8b\"\r\nexpires: Fri, 26 Dec 2025 12:30:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20363,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"211e608c91828ca277f6a4de60d8355a","sha1":"e5590ed56d97e6f1739a898330d699f074aac1f0","sha256":"e87848b61df7039e0f9d153fe4d00e5e182b3f76502ab5043249c326ad6bcc24","sha512":"561f04af9d03c9c5749c1ea873688a3b4db315545dad680021a295a0646d077b9d6e9dc8ac68c8d8a1a814624add690e38bc9d1f92d00d586ae3830ac2ddb0a4","ssdeep":"192:ga2HSVs0kmd2S7z7IJFzfHenCgvHcEFzR4j8UXIuhoEnPAx+a9j4E8hmefKiAxQ5:gaEZHcjzRkK53rmP","tlshash":"0b92cb0aea42324858377378efb31a2dfb562563d30580a4bfec1149cfb96589582fdd","first_seen":"2023-05-23T03:23:32Z","last_seen":"2026-03-27T01:46:08.236718Z","times_seen":116,"resource_available":false,"data":null}},"time_used":679,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":679,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/solution1.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/solution1.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-efa\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3834,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b8effd7f75199cdf0c3769c0eec407d5","sha1":"0bcf99bd96062b25a3a35ca9fde64718cf1a336f","sha256":"025b585d788d8cf3a09131d65707d17c381693e21edd90722f1f7b4dc3bbba6a","sha512":"53f098926adf19e1d737f5552ea33f36d5efafbfa2378e96f75c210fa142303ec1795a822d7dae455c45c4543b365850d3878afa54200bd478c20c5934b0aee5","ssdeep":"","tlshash":"fd81dbd0b10e5eae8ce09571c17424e93bbe8f925a31f110bf4fb92bf8094d194e469e","first_seen":"2023-11-03T10:55:59Z","last_seen":"2026-03-27T01:46:08.232238Z","times_seen":111,"resource_available":false,"data":null}},"time_used":1116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/banner/main-base.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/banner/main-base.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/style/css/style.css\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-1113f\"\r\nexpires: Sun, 25 Jan 2026 00:30:12 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69951,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1064 x 1066, 8-bit/color RGBA, non-interlaced","md5":"83f512998366036d71e1c39c81f8f48f","sha1":"6a6e298e0a4e3d4b6a727b63c45af8d4755ab0e0","sha256":"7e9a6140c13907d34aeadd6d9a740f90eb06b5a793444013f07a8e03bd8760a9","sha512":"583958b0749bdfa12e3085082f7f12adea7ab286bd453f18e871630eb8d4aabe9cbd993b306e10947e0c83e55c41accf94cff7846dd74d5b4ac905f1c50f7cd4","ssdeep":"1536:h1d8dm9T0l5l2FAF0wpmAfSxDXlh7+2rvcoXh:vKAg2FcMAfEDXX9rvNXh","tlshash":"da63f12d3a10b9b7d6cc637264470fcdad940095dc0c77633ef6eb226d8b4609ad7269","first_seen":"2023-11-03T10:55:59Z","last_seen":"2026-03-27T01:46:08.253859Z","times_seen":102,"resource_available":false,"data":null}},"time_used":3211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/solution.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/solution.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/xml, text/xml, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-12bb\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4795,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a5b4cca45e96fc86f90d1cf49cecf2c4","sha1":"fb685fedfb857509aca7cd5e6b85d1a0dd8f9ace","sha256":"477b1163b7b2dc4231c425cd2bb67cb10f5a7956f6461357733ca981b6771b4c","sha512":"699cab18dbf5ae2ee9e7de9ec39ac374002b3fbbfc236fe2428db6e7d1ed790914370f77bf6df9a64928291c9bcbcb7ccfe90d5e5480d878e4593fc8031e5b35","ssdeep":"96:knQfATfcZslS0eoonnWaRWq+fEzxu/QSF5I8L/zk//AHNy+kPLltgIRHrboY2:HAc0W0qbzxuXW4zkAHsp7PboF","tlshash":"eca163917329b8bc156026b9c93026a63abf675c3e30e610a3afe91b34059c7d1ccf21","first_seen":"2023-07-26T22:20:52Z","last_seen":"2026-03-27T01:46:08.231657Z","times_seen":117,"resource_available":false,"data":null}},"time_used":3051,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3051,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/plugins/Magnific-Popup/magnific-popup.css","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/plugins/Magnific-Popup/magnific-popup.css HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:10 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-1b27\"\r\nexpires: Fri, 26 Dec 2025 12:30:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6951,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"30b593b71d7672658f89bfea0ab360c9","sha1":"d6963db6faa9294387bb3175813a61bc3f859437","sha256":"45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e","sha512":"58440dbfd777facab21e3aea519a1b0e11404590e4a36c2959d7dca6fe3896cca9b12b8c3b490719ddcc43caebb019ff41adfd5688e985d53a08c92925498357","ssdeep":"192:hRQ4fS5bzRyIy++mcS3n2s96/LEpeXHFykgxe:Alx3pSFh","tlshash":"a5e11bd39fb22305e525e9a8a657a76973120013e70fcc6bbfd12448df8d7c942a3b85","first_seen":"2023-04-05T05:38:02Z","last_seen":"2026-04-03T16:54:34.390652Z","times_seen":21242,"resource_available":true,"data":null}},"time_used":680,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":680,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/css/custom.css","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/css/custom.css HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:10 GMT\r\ncontent-type: text/css\r\ncontent-length: 262\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\netag: \"5d714648-106\"\r\nexpires: Fri, 26 Dec 2025 12:30:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":262,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"0c2662699886f0708723dedbbee3bf07","sha1":"f23539203fe34caee3f08c135e8092606e3261b0","sha256":"d253780c00266798c03061f10e13ae5d370b0552ce49c4028321e774bad6f858","sha512":"0438e64e65fc3d833ff4975fe4909857a1068c095e48d7142c75e2eee83a985c59f1e25404425990ad1b70d5c6d54d67ffe7101e0b46c1b25d3e158766578c14","ssdeep":"","tlshash":"6fd0920c0ab2105906392d89b48d2c2a51a79e2687e6baa6f05900841d6a748e288cc5","first_seen":"2023-05-23T03:23:32Z","last_seen":"2026-03-27T01:46:08.227051Z","times_seen":95,"resource_available":false,"data":null}},"time_used":679,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":679,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/logo.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/logo.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:10 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-c12\"\r\nexpires: Sun, 25 Jan 2026 00:30:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3090,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 140 x 40, 8-bit/color RGBA, non-interlaced","md5":"dd82830d32951c66d954e9efd22fdbfd","sha1":"82e84cc18e4c4f1dd5882ca08393fc7bd2aa7c95","sha256":"43ddcc4644852efbea1ec60daed53e3c0f5e4b2ef393467a5ad3583379686e3d","sha512":"c9ef4b63fd5f7120bc2d96cbb2bac3fbc1b46f4bd15752197e49ea9a1924d9dbf5fbe075acde5d63b07ab3da8966651fe8892cc81f530431559c054d0f5e5834","ssdeep":"","tlshash":"2a514db9d6108a0b948ce2467cef9015477f8af0b7c0e465f98dec63053423924699ef","first_seen":"2024-04-18T11:38:26Z","last_seen":"2026-03-27T01:46:08.255445Z","times_seen":63,"resource_available":false,"data":null}},"time_used":677,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":677,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"oudngmslhifnsf.gdmgcyy.com/tja.js","fqdn":"oudngmslhifnsf.gdmgcyy.com","domain":"gdmgcyy.com","tld":"com"},"ip":{"addr":"206.119.188.34","port":443,"asn":133199,"as":"SonderCloud Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:11.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oudngmslhifnsf.gdmgcyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 06:39:18 GMT","end":"Wed, 11 Mar 2026 06:39:17 GMT"},"fingerprint":{"sha1":"84:4B:0B:7A:0A:D0:42:4C:42:71:F9:E1:85:CC:DD:07:F9:BA:C0:D7","sha256":"11:41:A5:14:00:68:D7:F8:23:DF:F1:C7:18:0C:48:6B:48:89:72:3F:4A:54:4B:2E:B2:5B:F9:3A:4E:E5:22:D4"}}},"request":{"raw":"GET /tja.js HTTP/1.1\r\nHost: oudngmslhifnsf.gdmgcyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty/1.21.4.3\r\nDate: Fri, 26 Dec 2025 00:30:12 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 25 Nov 2025 02:47:15 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"692518b3-602\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.21.4.3","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1538,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1538), with no line terminators","md5":"7fc934e6f6bbe8158806c8f1d375bbe7","sha1":"2cf2fd7ed5a9405af0e4366bc19b02dc527ccc76","sha256":"f5598ac6b2a832b0b35a705fa2fea04ac6080c9a33ef15bca2ef07e10f186906","sha512":"bdbfc25129e0b69ccd72c7615bea28242bf0fd245d9a29814e5f3e354e803ce820d42f56e6caee39a5560eeab9283c4fb20bf648401fe9c510e9f780ffa61861","ssdeep":"","tlshash":"a1316278374b04a23367f612140b100d63b8d3854b6f08a0e3a475967df6948d49bfbe","first_seen":"2025-11-29T03:27:59.737284Z","last_seen":"2026-04-03T12:23:32.913956Z","times_seen":71,"resource_available":true,"data":null}},"time_used":1796,"timings":{"blocked":770,"dns":5,"connect":253,"send":0,"wait":253,"receive":1,"ssl":511},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/style/css/font-awesome.min.css\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 77160\r\nlast-modified: Thu, 27 Oct 2016 20:51:44 GMT\r\netag: \"581268e0-12d68\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-04-03T17:29:59.257558Z","times_seen":409710,"resource_available":true,"data":null}},"time_used":4761,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3182,"receive":1579,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/css/font-awesome.min.css","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/css/font-awesome.min.css HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:10 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 27 Oct 2016 20:51:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"581268e2-7918\"\r\nexpires: Fri, 26 Dec 2025 12:30:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31000,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-04-03T17:22:28.489555Z","times_seen":236214,"resource_available":false,"data":null}},"time_used":681,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":681,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/feature/app-img4.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/feature/app-img4.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-fc42\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":64578,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 278 x 471, 8-bit/color RGBA, non-interlaced","md5":"ec0d02a50a63d824c68f814ac5b5bd38","sha1":"c0f7fbefd0f9f959e43a88eb5d4553956e5b9177","sha256":"cfd4bdbeebe5dc858e605818b684cff659804509b1a129efa3ae27a02294a16a","sha512":"932e8ed96771bfbb530e3b4d2133e9105e3994950277ba727770f7d4879f3576977652b365d5136ffb2f4c85bddc403a10b22445636ccaab3a6a22c4d5941c41","ssdeep":"1536:Fwsa9g9JCbHWAgTZdiwqciGzbuVKeZT2om:FwNqJCDKyw3zbO/m","tlshash":"a05302157b234c22e2b140f355f5f923fb03969ac314afd54684f8f3505aebaa6dc690","first_seen":"2024-08-19T23:35:14.095406Z","last_seen":"2026-03-27T01:46:08.251191Z","times_seen":64,"resource_available":false,"data":null}},"time_used":1113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/404.html","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /404.html HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 29 Aug 2024 13:57:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66d07e4e-94\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":148,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"630e1f9fef1a483fe84154e2d0d046df","sha1":"f10e0cf39fb920a438116caaea80a71e0dcdc162","sha256":"9cad3cff676946810a81047247f12e4e51faccc01df4134edfd871aee8ba0956","sha512":"33f8257b60c25704f0856806337c13e8afe964c5b075d80f15abd87ffa59ff0329f12de0c4b5978d4640d5b70c0a997c0c239f422d4da5bbdcb3727c281cfcda","ssdeep":"","tlshash":"1ac02b0d346366448a03001023c33240d086833f78da8010380ec083f3cf39ac4c73ae","first_seen":"2024-07-21T17:05:04Z","last_seen":"2026-04-03T17:06:06.780012Z","times_seen":14519,"resource_available":true,"data":null}},"time_used":1139,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/project-management.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/project-management.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/xml, text/xml, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-1c6b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7275,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"aa24918d36e78a1a8fb2ffc7644d7595","sha1":"c8d2cfb6f2ea7cedb117438983ada046da9308c5","sha256":"87dcbe7e133546fbef81f6774fd696143384c965147b3304d86a6bcfa246f117","sha512":"edc305cc9b46ec38011d496242a9fde37647faea337b5cf813050e699798d8f35da747ffc1b5fc50e5e21f374e24d2f3c78176d8e80ecca85f79eff79c7d2669","ssdeep":"192:HoNL2mKPOJ+w2Tp2+DoNvN7NHPNDnHNTn7OpDBNKPvcVFKe8MI0re46w:HoN6mGOJWTprDoN5NvXvKLKMVFKe8MJr","tlshash":"fee195c0732d9afd65942b78c53114943ba9eaaa3f31c554e35f2d337916a82d0dcd38","first_seen":"2023-08-13T21:19:22Z","last_seen":"2026-03-27T01:46:08.233866Z","times_seen":120,"resource_available":false,"data":null}},"time_used":3061,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3061,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/solution.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/solution.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/xml, text/xml, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-12bb\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4795,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a5b4cca45e96fc86f90d1cf49cecf2c4","sha1":"fb685fedfb857509aca7cd5e6b85d1a0dd8f9ace","sha256":"477b1163b7b2dc4231c425cd2bb67cb10f5a7956f6461357733ca981b6771b4c","sha512":"699cab18dbf5ae2ee9e7de9ec39ac374002b3fbbfc236fe2428db6e7d1ed790914370f77bf6df9a64928291c9bcbcb7ccfe90d5e5480d878e4593fc8031e5b35","ssdeep":"96:knQfATfcZslS0eoonnWaRWq+fEzxu/QSF5I8L/zk//AHNy+kPLltgIRHrboY2:HAc0W0qbzxuXW4zkAHsp7PboF","tlshash":"eca163917329b8bc156026b9c93026a63abf675c3e30e610a3afe91b34059c7d1ccf21","first_seen":"2023-07-26T22:20:52Z","last_seen":"2026-03-27T01:46:08.231657Z","times_seen":117,"resource_available":false,"data":null}},"time_used":3057,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3057,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/planning.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/planning.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/xml, text/xml, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-f7b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3963,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b052e28944b2ea5d8d101a0f793caadf","sha1":"187bad20f52c12bc959476714e2dc53b30caad28","sha256":"7b4a83c63a1a45ba71c4b9a6f0e800d66126f02025e27b56321f93d47c0156e7","sha512":"a998260317ccbb9c634da80aa5908846587cb404d35fb6142e85b9ffe144c8badcb86f6833f3d6bbcfb24a4ef269555836050da04854207866f995efe5bd4c1f","ssdeep":"","tlshash":"7e81d19132ad2d4f813036b1c67a47aaaa126a947f35f384bb4b307f31050d17dd5f1a","first_seen":"2023-08-13T21:19:22Z","last_seen":"2026-03-27T01:46:08.224435Z","times_seen":117,"resource_available":false,"data":null}},"time_used":3056,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3056,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/project-management.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/project-management.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-1c6b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7275,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"aa24918d36e78a1a8fb2ffc7644d7595","sha1":"c8d2cfb6f2ea7cedb117438983ada046da9308c5","sha256":"87dcbe7e133546fbef81f6774fd696143384c965147b3304d86a6bcfa246f117","sha512":"edc305cc9b46ec38011d496242a9fde37647faea337b5cf813050e699798d8f35da747ffc1b5fc50e5e21f374e24d2f3c78176d8e80ecca85f79eff79c7d2669","ssdeep":"192:HoNL2mKPOJ+w2Tp2+DoNvN7NHPNDnHNTn7OpDBNKPvcVFKe8MI0re46w:HoN6mGOJWTprDoN5NvXvKLKMVFKe8MJr","tlshash":"fee195c0732d9afd65942b78c53114943ba9eaaa3f31c554e35f2d337916a82d0dcd38","first_seen":"2023-08-13T21:19:22Z","last_seen":"2026-03-27T01:46:08.233866Z","times_seen":120,"resource_available":false,"data":null}},"time_used":1119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/video-bg.jpg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/video-bg.jpg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/style/css/style.css\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 06 Sep 2019 01:33:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d71b77c-20d01\"\r\nexpires: Sun, 25 Jan 2026 00:30:12 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":134401,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1980x1320, components 3","md5":"7b4d2663cde4f1a7b3993a043e599a4e","sha1":"dc1e08097ba90c061c839d5cdf55e19cb45e22b9","sha256":"376749c2dd8b0ce40e6bc36b4ff8caf357ff0481b61bf1955e95f3af6c45a17b","sha512":"2b3c6345e0e291c57ab638f846c2be22431e50ff6efa489541c7694335a3ccaae42adaabd571924f89740e10fb58fffe5dad3a99fd251b8fbba1975222d74b9f","ssdeep":"3072:aB5pFVYPSpvXDIG/zaoY8UyGLDgtId0nj2HT7HNpGW5f/tNxE:4DsGcyGLDII62nNpBNNu","tlshash":"46d31246ca120fa7c47d1bbbfddf0f243fea42af8667423603a941156c82755fc68906","first_seen":"2023-05-23T03:23:32Z","last_seen":"2026-03-27T01:46:08.231091Z","times_seen":92,"resource_available":false,"data":null}},"time_used":3207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-26T00:30:09.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:10 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; path=/\nserver_name_session=f96939562445bbacea69fe8bf354624a; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Parsley.js","description":"Javascript forms validation script.","website":"https://parsleyjs.org","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"parallax.js","description":"Simple parallax scrolling effect.","website":"https://github.com/pixelcog/parallax.js","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":22644,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (601), with CRLF, LF line terminators","md5":"eafebc1b6a672812d8bb852a797d5511","sha1":"ee1e53720ab4f331440cbef2087211d423e6a7fa","sha256":"1e26d2acb1ac235d12919bf3a13ba24af20c46bbeb8ae4dc5577d65440be5ed6","sha512":"c136ffa6056b6c1d9d55ce367861bf3b2a05ee8e7b64c788db6e170da97cf5d372c06c40e842c2d6d280a2176de1349d928a8a8ff98ebec065f4b7712d39b21f","ssdeep":"192:r4friI8a/e1IwcseJkECdEZlpZ3l9EJr8gYdqn/k:r4+BacJeJL9Eeyk","tlshash":"37a2cb2498f21577059284b676611f4baf91ee8bca7f064172fc4bd56fe3e8acc07608","first_seen":"2025-12-26T00:30:41.763261Z","last_seen":"2025-12-26T00:30:41.763261Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1541,"timings":{"blocked":638,"dns":180,"connect":225,"send":0,"wait":265,"receive":0,"ssl":230},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/banner/shaps2.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/banner/shaps2.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-4a5\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1189,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 43 x 41, 8-bit colormap, non-interlaced","md5":"dab4a9abfc19a0e406db29f7f95b79d1","sha1":"f298511f66dda46c744306d9ddd808149cf64c1c","sha256":"4e8433221699cbf885cfc457f772de7e8aa9593065f89b14438c7a36c22d8d1f","sha512":"98caf5c6e67a1abc8be20899267965a8853e10496e05f42520835f7f64808fbde95d4dd50acef4935a107b9525f32a4271a1ce1391735eb12819f3fcce58b7ba","ssdeep":"","tlshash":"6821b7f3262eacf9fd390134b26120922cb548237156c486a4d7b01e4bf166e3501748","first_seen":"2023-05-20T20:07:45Z","last_seen":"2026-03-27T01:46:08.22533Z","times_seen":220,"resource_available":false,"data":null}},"time_used":677,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":677,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/js/bootstrap.bundle.min.js","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-11536\"\r\nexpires: Fri, 26 Dec 2025 12:30:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70966,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65297)","md5":"ef58fee438cd2da2c3b33ff6f1cfeebf","sha1":"41a4836fc0253324e7e583905f47ba7194bac91d","sha256":"13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e","sha512":"53ce49ab8ecaba729e823bfa8153009d0c2d423a2f757cff0d03af428c6b0fa8f76867c30dba7900026e39d9d0c75b1e7ccf740fd28129242464647986b2dbb6","ssdeep":"1536:EwGC7pXnzlEHnMX6T50OpPX8EyPoWQ8Bbe:UezMMX69JPtyPoJ","tlshash":"c163c64a3250b4b202dfa177903f460bb737689da50a811cb95da8ed2d7cd993267f3c","first_seen":"2023-03-07T01:07:38Z","last_seen":"2026-04-03T12:38:31.720981Z","times_seen":2608,"resource_available":true,"data":null}},"time_used":1109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/project-management.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/project-management.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/xml, text/xml, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-1c6b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7275,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"aa24918d36e78a1a8fb2ffc7644d7595","sha1":"c8d2cfb6f2ea7cedb117438983ada046da9308c5","sha256":"87dcbe7e133546fbef81f6774fd696143384c965147b3304d86a6bcfa246f117","sha512":"edc305cc9b46ec38011d496242a9fde37647faea337b5cf813050e699798d8f35da747ffc1b5fc50e5e21f374e24d2f3c78176d8e80ecca85f79eff79c7d2669","ssdeep":"192:HoNL2mKPOJ+w2Tp2+DoNvN7NHPNDnHNTn7OpDBNKPvcVFKe8MI0re46w:HoN6mGOJWTprDoN5NvXvKLKMVFKe8MJr","tlshash":"fee195c0732d9afd65942b78c53114943ba9eaaa3f31c554e35f2d337916a82d0dcd38","first_seen":"2023-08-13T21:19:22Z","last_seen":"2026-03-27T01:46:08.233866Z","times_seen":120,"resource_available":false,"data":null}},"time_used":3072,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3072,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/planning.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/planning.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/xml, text/xml, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-f7b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3963,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b052e28944b2ea5d8d101a0f793caadf","sha1":"187bad20f52c12bc959476714e2dc53b30caad28","sha256":"7b4a83c63a1a45ba71c4b9a6f0e800d66126f02025e27b56321f93d47c0156e7","sha512":"a998260317ccbb9c634da80aa5908846587cb404d35fb6142e85b9ffe144c8badcb86f6833f3d6bbcfb24a4ef269555836050da04854207866f995efe5bd4c1f","ssdeep":"","tlshash":"7e81d19132ad2d4f813036b1c67a47aaaa126a947f35f384bb4b307f31050d17dd5f1a","first_seen":"2023-08-13T21:19:22Z","last_seen":"2026-03-27T01:46:08.224435Z","times_seen":117,"resource_available":false,"data":null}},"time_used":3046,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3046,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/banner/shaps3.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/banner/shaps3.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-47e\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 35 x 35, 8-bit colormap, non-interlaced","md5":"bae5fe7c363266aa09d66d6c534b34f2","sha1":"08280645c6379330652f376f21b5f4f48a3c6399","sha256":"c6a3063bea44ed3fd8ce205fd033d861828d7d01efe7bb5787c7880d7c623fd7","sha512":"0ae18760a7d8ef98f882186080e883d51906d691c881713f8ca735fed3443478666ed26ab9c2ca3ef60f08e98671acf80f66850a35e140258f3c647b8678e55e","ssdeep":"","tlshash":"2121a3cf80185fb4e906084b17b5b4ddc92a6b7be50dc98d7d69a8dd80f948143a8905","first_seen":"2023-05-20T20:07:45Z","last_seen":"2026-03-27T01:46:08.257377Z","times_seen":220,"resource_available":false,"data":null}},"time_used":676,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":676,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/banner/shaps6.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/banner/shaps6.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 947\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\netag: \"5d714648-3b3\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":947,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 43 x 43, 8-bit colormap, non-interlaced","md5":"1636176fab3fbacf5fefdc503bbfa7a7","sha1":"87be437283c76897b0db2fd5d814799f855e0210","sha256":"33a48e0c345620ba51c9e9b70790438d3dde51a07c1ecaf7fe49adce6d9e86ca","sha512":"23aea14c6ffa0f50f410929035c26ee7dd06c947b081f911cf56485a7e8f6cffc35622ace757fd0222a36b0843cd74e5f61d02f4e04099184f3706a4aff563e0","ssdeep":"","tlshash":"581188f36c49d4a8e437587bd72399c1dd7e849d77121d29640cd8340d1ddc542c3225","first_seen":"2023-05-20T20:07:45Z","last_seen":"2026-03-27T01:46:08.25008Z","times_seen":224,"resource_available":false,"data":null}},"time_used":675,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":675,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/banner/shaps5.png","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/banner/shaps5.png HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-442\"\r\nexpires: Sun, 25 Jan 2026 00:30:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1090,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 42, 8-bit colormap, non-interlaced","md5":"f4114091f8971907041072997240288d","sha1":"c2074b0e35ff0902379d1b67e7af76bcc65b9cae","sha256":"951b11e6c3f1691a1bf3cc1206546605049da3426f7cb0370d8ce88f6d46d2ba","sha512":"d7dfc603071ff777b6245a80255a6422ba2dc83213bc1d85178bf495619c1ac7df45f179e932cfd0a8d739b51141863a2272f8a159588dc45486ae9c91df6727","ssdeep":"","tlshash":"de11b96355437cc8d783bbf002174e568af5367734c069e979cc5408981e7d4407c7e1","first_seen":"2023-05-20T20:07:45Z","last_seen":"2026-03-27T01:46:08.247677Z","times_seen":221,"resource_available":false,"data":null}},"time_used":675,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":675,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/planning.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:10.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/planning.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:11 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-f7b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3963,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b052e28944b2ea5d8d101a0f793caadf","sha1":"187bad20f52c12bc959476714e2dc53b30caad28","sha256":"7b4a83c63a1a45ba71c4b9a6f0e800d66126f02025e27b56321f93d47c0156e7","sha512":"a998260317ccbb9c634da80aa5908846587cb404d35fb6142e85b9ffe144c8badcb86f6833f3d6bbcfb24a4ef269555836050da04854207866f995efe5bd4c1f","ssdeep":"","tlshash":"7e81d19132ad2d4f813036b1c67a47aaaa126a947f35f384bb4b307f31050d17dd5f1a","first_seen":"2023-08-13T21:19:22Z","last_seen":"2026-03-27T01:46:08.224435Z","times_seen":117,"resource_available":false,"data":null}},"time_used":1118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dabaixiche.com/style/img/icons/teamwork.svg","fqdn":"m.dabaixiche.com","domain":"dabaixiche.com","tld":"com"},"ip":{"addr":"38.174.213.125","port":443,"asn":398993,"as":"PEG-TY","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.dabaixiche.com/","date":"2025-12-26T00:30:12.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dabaixiche.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 12:37:58 GMT","end":"Tue, 24 Feb 2026 12:37:57 GMT"},"fingerprint":{"sha1":"B7:C1:F4:AD:18:B0:9A:D8:BD:32:78:00:25:84:35:9B:04:2F:0C:D7","sha256":"F3:F1:97:03:4A:CF:3C:C9:FB:D0:AA:E7:81:7E:7C:0D:96:E6:DB:51:BC:93:D4:CE:54:A2:9A:30:81:27:EC:81"}}},"request":{"raw":"GET /style/img/icons/teamwork.svg HTTP/1.1\r\nHost: m.dabaixiche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/xml, text/xml, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dabaixiche.com/\r\nCookie: PHPSESSID=4rkl6fbf8rd1k2td0pmv5tdegf; server_name_session=f96939562445bbacea69fe8bf354624a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 00:30:12 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Sep 2019 17:30:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5d714648-14bc\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5308,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2ed656f0809f8e3157f38f6972f30767","sha1":"33b71766f6f5173981ab0fae4ee9a9401fb12f9c","sha256":"21915828db1ff28a7e022615c70979e47a8873c92cc04ac8c5e84574771ea64a","sha512":"8273b89198a59c2ec161f9133d4988e60a4e051a5e49f02367cac39e39e0aba12db39fcecf43576b0b4f289e96bd1c36654bb357b26211cfff2367f895c7e6a4","ssdeep":"96:knQfIBJ4sfN/l3H57oN0kfMtHa0+93VTPjEDKcUUVPGz/igia4w13H/6ItIxuV3h:HIBJl/ZZ7O0jHa0+93VTPeK3UVPK/igB","tlshash":"99b1c8c263ad8eaed46027b5c6701968367be9657d30e3c4e30b256b354f68198ecfc4","first_seen":"2023-10-23T17:41:35Z","last_seen":"2026-03-27T01:46:08.234679Z","times_seen":116,"resource_available":false,"data":null}},"time_used":3046,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3046,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"m.dabaixiche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}