{"report_id":"fb04df34-c8b2-4e3d-8b80-8f9ef7a7f4cd","version":6,"status":"done","tags":[],"date":"2026-05-31T11:22:22Z","url":{"schema":"http","addr":"hga1113.com","fqdn":"hga1113.com","domain":"hga1113.com","tld":"com"},"ip":{"addr":"103.163.208.152","port":0,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"268365k.com/#/register?shareCode=0HDB","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"title":"bet365","dom":{"size":71840,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (17125)","md5":"8919309b2370f850d17e2f3bee265b8e","sha1":"c2db51a8e960053717f376b0ca664b9347c5fdcd","sha256":"cdb1e5717e4d58cf0249773c4653dbc1fb19ce8c8cf7aea4fcc92ef705eb7dbf","sha512":"3ef8bc6c0266656b5682f00a34e21b5e4d432b129cd9b847e8d3eea6620865d6b7447f24514f1429e2d93a62a4b5c840eed12bfa8a425f3847b944fb245ae928","ssdeep":"1536:/dg0GdX4uL81FJAYfZHlbDV2cD/CaH9zYdQVd/kSQskwQr0I+N:G0YW0QX/BD20I+N","tlshash":"4763c57034ab2c9b096bd4d0e0207f5abc52f60fc22596807dbd53aa9fdbc247a5e474","dom_hash":"domhash3c77e1466151d97f43180627a866b3fa","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hga1113.com","fqdn":"hga1113.com","domain":"hga1113.com","tld":"com"},"ip":{"addr":"103.163.208.152","port":0,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-05T11:22:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":8}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"hga1113.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"1.21302132.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"268365k.com","ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":72,"request_count":36,"received_data":8328274,"sent_data":19671,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"b365dimg.hbhjhghhhjs.cc","ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-01-27","domain_rank":0,"first_seen":"2026-03-19T06:30:40.851643Z","last_seen":"2026-05-31T06:28:41.140374Z","alert_count":0,"request_count":5,"received_data":413913,"sent_data":2587,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"hga1113.com","ip":{"addr":"103.163.208.152","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":10,"request_count":2,"received_data":1954,"sent_data":909,"comment":"","tags":null,"fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}]},{"fqdn":"1.21302132.com","ip":{"addr":"103.163.208.152","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-10-07","domain_rank":0,"first_seen":"2025-05-18T12:30:10.023586Z","last_seen":"2026-05-24T18:53:21.960768Z","alert_count":2,"request_count":2,"received_data":3268,"sent_data":1027,"comment":"","tags":null,"fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}]},{"fqdn":"video.mayivideo.xyz","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2022-01-17","domain_rank":0,"first_seen":"2022-06-28T01:37:33Z","last_seen":"2026-05-28T10:04:10.606223Z","alert_count":0,"request_count":3,"received_data":0,"sent_data":2811,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"268365k.com/static/js/41.2ae5fe621f3380fd7c39.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5638d025c0cdfc47c426c760b90942e4","sha1":"35eaf9ebb06aa051fa812fb4c5816b61c2b53dc9","sha256":"720cec1463ba868179550291b22b1302ee85806bc9a687d9480dab8b9c1171ec","sha512":"8ec720d6bf5504a807dd1b5852b0e57fa5612b71186e15ad48584129887090ea4f8e22a3c881de61970effec1867c7d34eecbfcc76e345fe3dc8f783c390e8be","ssdeep":"192:8LrTCPSFKx6zSUQPex/pAJ1Kyg9fJkzsvI5RmSdPIhyefXQiAg5:8LruPDkl78cyg9fJGhPmSdPIhysbAg5","tlshash":"e912722f8ee81ad5b2d0fcc121d334aee327d46d6691a190b9d727470cadd0cb50af4a","size":9729,"data":"","first_seen":"2023-04-01T11:11:02Z","last_seen":"2026-05-31T15:05:23.793641Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/0.b6747324b034b4af5af8.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba1395b909259d55e85d75bf66daa643","sha1":"c8590ab0739547b785cafcab9aafc2f5f503d9f9","sha256":"3f00eb145de0a8900e854e741ed50122ea9c776658820b7c11cee76ae5ca0f74","sha512":"414e9a73106f6d128f135b48e4511a1c3a5c44d538e2bd403d43d698cd457a14953deaa1664d8a8726535f8cb0b0545648dc6ffe0a0257fcbd73ef4d94fe8ef7","ssdeep":"24576:4C+hxNMInuQkVV7zDSqJYpDwvVeTjdYOjn6i2Xn7rUddtI:GkVtzDf0jTkcze","tlshash":"46656d6a358279d307b7a0e1581b644ddca75449d088840477bceae9fcbeb09a35fe3c","size":1423592,"data":"","first_seen":"2026-03-19T06:30:50.036215Z","last_seen":"2026-05-31T15:05:23.826378Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/app.4441cdd94c95c27d5f09.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"812d9885869a13dd68c357fb45a11b99","sha1":"571f1fc617e8b1f125587839d01168287b6ef97f","sha256":"40d7a25972803a54fbd328e9b22a4e529159d1f94670b5af5aaddcb329e42a69","sha512":"bb0c576ada649b33cb8c06065ee287f86ef90c65ba09a46a0a717f6ef3d332f3166b8f9f8c9e05d2ea1a5c6ce86bd272be50b32257fc3d1ced7c71b10320f285","ssdeep":"6144:Edzrehw05nH2QApEd7n+smkv+14Vg36KH4uRrSK9VXRaLrkp5dDxs30HosuCgTUr:EF05nBA6dKsmkv+96apXRaLrkp5dDxss","tlshash":"2154397fb39bb598198d380a310f3975ada82cb3b766e8c019c8658971f1e254133fd6","size":288529,"data":"","first_seen":"2026-03-19T06:30:49.986467Z","last_seen":"2026-05-31T15:05:23.81106Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/41.2ae5fe621f3380fd7c39.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5638d025c0cdfc47c426c760b90942e4","sha1":"35eaf9ebb06aa051fa812fb4c5816b61c2b53dc9","sha256":"720cec1463ba868179550291b22b1302ee85806bc9a687d9480dab8b9c1171ec","sha512":"8ec720d6bf5504a807dd1b5852b0e57fa5612b71186e15ad48584129887090ea4f8e22a3c881de61970effec1867c7d34eecbfcc76e345fe3dc8f783c390e8be","ssdeep":"192:8LrTCPSFKx6zSUQPex/pAJ1Kyg9fJkzsvI5RmSdPIhyefXQiAg5:8LruPDkl78cyg9fJGhPmSdPIhysbAg5","tlshash":"e912722f8ee81ad5b2d0fcc121d334aee327d46d6691a190b9d727470cadd0cb50af4a","size":9729,"data":"","first_seen":"2023-04-01T11:11:02Z","last_seen":"2026-05-31T15:05:23.793641Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hga1113.com/","fqdn":"hga1113.com","domain":"hga1113.com","tld":"com"},"ip":{"addr":"103.163.208.152","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"c5f8bc54b8b95e4d2d683ea12eda5695","sha1":"a82a27934822ee6b075235aa3346413967c1947b","sha256":"2b260c5ef51a911a341815bb0e5a1d6f108815cfc4e1319280e5a2216e65bb57","sha512":"b849bf82537657a39c9a112fb035a29890a6734b089c27da05dfc68326b885734046fea793dc294e17c8c748f9a284ae85ffdf9f229a0a8a939eb3a10d75d444","ssdeep":"","tlshash":"1ac080de3944497117d81477517ac65db4313068551a9021ccdfc8457924ff7845ff4c","size":190,"data":"","first_seen":"2025-05-18T12:30:21.087656Z","last_seen":"2026-05-31T15:05:23.827079Z","times_seen":87,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/vendor.2a4c2f906e01d29ddeb7.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c51e4e0d560687bdd05293564f5217b8","sha1":"552cda65c0dbb4b5204f02f5837a172d810c4b9f","sha256":"47d62ea33e4c484a3a11f2e6ddc9de7aea096ca866c64a8790f54b05b59140a5","sha512":"1c11cac041e3ee161ffaed11ac93c70e2afd43a3135d91b57089d05350719bf83e08f943127eea4638a5f60d6ff272d97ffaf3330f2d35365f8a2bfbd0102477","ssdeep":"6144:OGVPHICTAEIbrbaGKcxJ6N9g8kC1HowrajfRn4zN45tW63zy1bT0fxJIM:VtJAdbrbskQpzfM","tlshash":"ceb4198db291b0a503e360a5412f520bf23b6819740ac0dcf679e8e6adbc94d517bf7d","size":495459,"data":"","first_seen":"2023-04-01T11:11:01Z","last_seen":"2026-05-31T15:05:23.815876Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/6.341c8ba6441836b50c29.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4758da8a1117d7a66df1f426118abdbc","sha1":"7cfca4d65dc942c51dd530a449968bd183a213cc","sha256":"de51583363b84d6bf9d9ad52ed714e9a8f7d4b21b68dacb4b55c5646f9efa613","sha512":"c26646d618a62712c9cf08a6cbcf56311f050dbfcf5365133581b2a9fa4f17b94db8fb0180a0dc506e3d96cd6cb7d2cd211c884d110f6c3546deffa955365104","ssdeep":"384:QIV0sK/i/xOaIvows4hc+L8YhiCY2WqOZpm6k/mcAkc6fdcfdXWx+q9A:b0sK/OODLru+L8YhikHzd2dXWh9A","tlshash":"6ec2550fb6c4b56106a764a05467d013627a6a4cf8066c38bb7dc9d3feb8b44d22f72d","size":27058,"data":"","first_seen":"2025-09-20T12:21:56.420071Z","last_seen":"2026-05-31T15:05:23.8166Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6#/","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"fcaea4b8885ca5c1fb3ddd5c490da5c6","sha1":"35745f87b37210d992a9ed534a593ae500b7adaa","sha256":"934c2008743c36db746a9d6ebd9f1b84ff11477edc55fbf7b599bbfa687f7272","sha512":"65e3bda5b8bd909b2fed0a25e3d6d3d7d2984601de4a906783c783097fcd8902ea1c2fa05d33619126415bc5000a72e8459eb81c971a85e2ddb374f9fd9231aa","ssdeep":"","tlshash":"889002c520d965518ad321a061261a46615a04f914a48c5091589c56287303092695bc","size":54,"data":"","first_seen":"2023-04-12T08:25:39Z","last_seen":"2026-05-31T15:05:23.825336Z","times_seen":22452,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/3.4f3a91902e42410c917f.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"027cc9798628f99307a84a74a6ff0fce","sha1":"7d1cbf47e06a91846c5d7c8eb7d87e4e75db853e","sha256":"e594673f0996de3809629acf7d02379f913f5a3e9e6ec0a336d5d8480698ac8c","sha512":"b1a7c6920c0365a4e3318871a8297b5278eaebf0b5e05a9dc3737735cba394a3d665d8837c24f3451b9f9954fe9f74bea6c1c169ac61c8b9c990a295040f18b3","ssdeep":"768:5WCdVG1Po3Y9QCcMWewEiWEWIj3pZEyaO/E/NZQ:5WGVGK235CE9JQ","tlshash":"4433f52be148f8b44eb65490602b1074b27a3f98750a5450bbbddac5abfcb58132f73d","size":51608,"data":"","first_seen":"2025-07-02T08:56:27.678271Z","last_seen":"2026-05-31T15:05:23.808536Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/2.a424b237739620ad571e.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"69735a226787aab5f63faa40cfa1321f","sha1":"4a457b3334c23f842cadddb64849e7a4771511c7","sha256":"3ab6aca66352ef530196fbfdf49b8f8dc85c485f91706a0fefe1df8c90e7582a","sha512":"4ca429117d7780a74589fe5a5a734e882418c275ba80577c8fa33064f7d62a8e2ca99a063525cf5f1454bd90cf0c9916187045d176e70e6b2354066a7de71128","ssdeep":"1536:U5yx6wKDu4Sq0ZSgaIBvqA3oEoW5B7UEAJ3rofUVbqqZgXepl5502qYojWGRLoLo:K7wKDue0MIBn3oEoQ2q5Wo9fFpag","tlshash":"0e835e2af79a75564ba66050002f3414ae776facb0098029f53eaaf57799f44132ff3c","size":86264,"data":"","first_seen":"2026-03-19T06:30:49.989928Z","last_seen":"2026-05-31T15:05:23.801832Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.21302132.com/tongji/?v=1.2","fqdn":"1.21302132.com","domain":"21302132.com","tld":"com"},"ip":{"addr":"103.163.208.152","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a134a85b3131ce0b2c7520b22b2a10f1","sha1":"97b71324fd3da0e3d51c13bcec4a87cc43020fba","sha256":"a7fdf086f155bf92a004e4a00557b72d69914a2f0d92be88db766ef95d0f2d65","sha512":"faf5c8ae6a2fe9e3fecd69cc9bbfb995f95a518e9d12cc4258ce23e1e5aa44d964b0d435c357357e8c13a311e7b39a9ad2f94a4c9d5101487993610af3a1ecdb","ssdeep":"","tlshash":"6651df9955a2e3e604b377dfaf6fa303b4654107384bc4263d5c00892f2346be1d87d9","size":2800,"data":"","first_seen":"2025-05-18T12:30:21.04523Z","last_seen":"2026-05-31T15:05:23.806171Z","times_seen":86,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/manifest.21cd61d648887469503b.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"325067f9b4d17d0287eeedd6fc50f2fa","sha1":"e9014820cf0263f5afe9eaa0650b446eeee103f4","sha256":"a6fd97ef364992d3b31841d303df6b05e8a592ff77ac7017ec5b4641fa12368d","sha512":"78ea3808858dc293594b94568df8b6ccdc62cb4cf812dc17b916365891488ac4decc558849197aaff714fa4000aec723cb656ccbd90d322a4ba9f90a6e718510","ssdeep":"","tlshash":"b551a3a9b6aef5e2a7b714a8573b8166b13c35026d2ccc54d3ccd6c62c29c849124bf5","size":2496,"data":"","first_seen":"2026-03-19T06:30:49.997072Z","last_seen":"2026-05-31T15:05:23.794591Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/vendor.2a4c2f906e01d29ddeb7.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c51e4e0d560687bdd05293564f5217b8","sha1":"552cda65c0dbb4b5204f02f5837a172d810c4b9f","sha256":"47d62ea33e4c484a3a11f2e6ddc9de7aea096ca866c64a8790f54b05b59140a5","sha512":"1c11cac041e3ee161ffaed11ac93c70e2afd43a3135d91b57089d05350719bf83e08f943127eea4638a5f60d6ff272d97ffaf3330f2d35365f8a2bfbd0102477","ssdeep":"6144:OGVPHICTAEIbrbaGKcxJ6N9g8kC1HowrajfRn4zN45tW63zy1bT0fxJIM:VtJAdbrbskQpzfM","tlshash":"ceb4198db291b0a503e360a5412f520bf23b6819740ac0dcf679e8e6adbc94d517bf7d","size":495459,"data":"","first_seen":"2023-04-01T11:11:01Z","last_seen":"2026-05-31T15:05:23.815876Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/manifest.21cd61d648887469503b.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"325067f9b4d17d0287eeedd6fc50f2fa","sha1":"e9014820cf0263f5afe9eaa0650b446eeee103f4","sha256":"a6fd97ef364992d3b31841d303df6b05e8a592ff77ac7017ec5b4641fa12368d","sha512":"78ea3808858dc293594b94568df8b6ccdc62cb4cf812dc17b916365891488ac4decc558849197aaff714fa4000aec723cb656ccbd90d322a4ba9f90a6e718510","ssdeep":"","tlshash":"b551a3a9b6aef5e2a7b714a8573b8166b13c35026d2ccc54d3ccd6c62c29c849124bf5","size":2496,"data":"","first_seen":"2026-03-19T06:30:49.997072Z","last_seen":"2026-05-31T15:05:23.794591Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/vendor.2a4c2f906e01d29ddeb7.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c51e4e0d560687bdd05293564f5217b8","sha1":"552cda65c0dbb4b5204f02f5837a172d810c4b9f","sha256":"47d62ea33e4c484a3a11f2e6ddc9de7aea096ca866c64a8790f54b05b59140a5","sha512":"1c11cac041e3ee161ffaed11ac93c70e2afd43a3135d91b57089d05350719bf83e08f943127eea4638a5f60d6ff272d97ffaf3330f2d35365f8a2bfbd0102477","ssdeep":"6144:OGVPHICTAEIbrbaGKcxJ6N9g8kC1HowrajfRn4zN45tW63zy1bT0fxJIM:VtJAdbrbskQpzfM","tlshash":"ceb4198db291b0a503e360a5412f520bf23b6819740ac0dcf679e8e6adbc94d517bf7d","size":495459,"data":"","first_seen":"2023-04-01T11:11:01Z","last_seen":"2026-05-31T15:05:23.815876Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/app.4441cdd94c95c27d5f09.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"812d9885869a13dd68c357fb45a11b99","sha1":"571f1fc617e8b1f125587839d01168287b6ef97f","sha256":"40d7a25972803a54fbd328e9b22a4e529159d1f94670b5af5aaddcb329e42a69","sha512":"bb0c576ada649b33cb8c06065ee287f86ef90c65ba09a46a0a717f6ef3d332f3166b8f9f8c9e05d2ea1a5c6ce86bd272be50b32257fc3d1ced7c71b10320f285","ssdeep":"6144:Edzrehw05nH2QApEd7n+smkv+14Vg36KH4uRrSK9VXRaLrkp5dDxs30HosuCgTUr:EF05nBA6dKsmkv+96apXRaLrkp5dDxss","tlshash":"2154397fb39bb598198d380a310f3975ada82cb3b766e8c019c8658971f1e254133fd6","size":288529,"data":"","first_seen":"2026-03-19T06:30:49.986467Z","last_seen":"2026-05-31T15:05:23.81106Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/39.0870158ab4de11f2c199.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"84b948edf3628ff28216fb407e08eafe","sha1":"55601fcd0622b06bd24217219e99c79f53e2c441","sha256":"4608e5b8a3da9dc4cad1d90b8892790c4c694f2927d9fd5daaa6a85b86de636d","sha512":"a78e7c4a6a65b55cdbffe39a0da2e4ec534c222db42e033a227d8ae633f3ea5a72960c810db535b4552c617589938d7fcd9705bc6349015819a53fc155b2b556","ssdeep":"192:1ibTQMRbwQoLn7bwKg6IaVGham4/Kp8m+5rI6zU0U3fCGjovvufai:1idRcf70Kg6JGhVU1PzU0UPCuovWCi","tlshash":"9132742b5dd81a89b2d1fcc122d33459e317d85f26219681bdd3178b1cbec0cb52ee8a","size":11076,"data":"","first_seen":"2025-03-10T07:24:07.586727Z","last_seen":"2026-05-31T15:05:23.806998Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/app.4441cdd94c95c27d5f09.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"812d9885869a13dd68c357fb45a11b99","sha1":"571f1fc617e8b1f125587839d01168287b6ef97f","sha256":"40d7a25972803a54fbd328e9b22a4e529159d1f94670b5af5aaddcb329e42a69","sha512":"bb0c576ada649b33cb8c06065ee287f86ef90c65ba09a46a0a717f6ef3d332f3166b8f9f8c9e05d2ea1a5c6ce86bd272be50b32257fc3d1ced7c71b10320f285","ssdeep":"6144:Edzrehw05nH2QApEd7n+smkv+14Vg36KH4uRrSK9VXRaLrkp5dDxs30HosuCgTUr:EF05nBA6dKsmkv+96apXRaLrkp5dDxss","tlshash":"2154397fb39bb598198d380a310f3975ada82cb3b766e8c019c8658971f1e254133fd6","size":288529,"data":"","first_seen":"2026-03-19T06:30:49.986467Z","last_seen":"2026-05-31T15:05:23.81106Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/0.b6747324b034b4af5af8.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba1395b909259d55e85d75bf66daa643","sha1":"c8590ab0739547b785cafcab9aafc2f5f503d9f9","sha256":"3f00eb145de0a8900e854e741ed50122ea9c776658820b7c11cee76ae5ca0f74","sha512":"414e9a73106f6d128f135b48e4511a1c3a5c44d538e2bd403d43d698cd457a14953deaa1664d8a8726535f8cb0b0545648dc6ffe0a0257fcbd73ef4d94fe8ef7","ssdeep":"24576:4C+hxNMInuQkVV7zDSqJYpDwvVeTjdYOjn6i2Xn7rUddtI:GkVtzDf0jTkcze","tlshash":"46656d6a358279d307b7a0e1581b644ddca75449d088840477bceae9fcbeb09a35fe3c","size":1423592,"data":"","first_seen":"2026-03-19T06:30:50.036215Z","last_seen":"2026-05-31T15:05:23.826378Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/#/register?shareCode=0HDB","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"fcaea4b8885ca5c1fb3ddd5c490da5c6","sha1":"35745f87b37210d992a9ed534a593ae500b7adaa","sha256":"934c2008743c36db746a9d6ebd9f1b84ff11477edc55fbf7b599bbfa687f7272","sha512":"65e3bda5b8bd909b2fed0a25e3d6d3d7d2984601de4a906783c783097fcd8902ea1c2fa05d33619126415bc5000a72e8459eb81c971a85e2ddb374f9fd9231aa","ssdeep":"","tlshash":"889002c520d965518ad321a061261a46615a04f914a48c5091589c56287303092695bc","size":54,"data":"","first_seen":"2023-04-12T08:25:39Z","last_seen":"2026-05-31T15:05:23.825336Z","times_seen":22452,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/6.341c8ba6441836b50c29.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4758da8a1117d7a66df1f426118abdbc","sha1":"7cfca4d65dc942c51dd530a449968bd183a213cc","sha256":"de51583363b84d6bf9d9ad52ed714e9a8f7d4b21b68dacb4b55c5646f9efa613","sha512":"c26646d618a62712c9cf08a6cbcf56311f050dbfcf5365133581b2a9fa4f17b94db8fb0180a0dc506e3d96cd6cb7d2cd211c884d110f6c3546deffa955365104","ssdeep":"384:QIV0sK/i/xOaIvows4hc+L8YhiCY2WqOZpm6k/mcAkc6fdcfdXWx+q9A:b0sK/OODLru+L8YhikHzd2dXWh9A","tlshash":"6ec2550fb6c4b56106a764a05467d013627a6a4cf8066c38bb7dc9d3feb8b44d22f72d","size":27058,"data":"","first_seen":"2025-09-20T12:21:56.420071Z","last_seen":"2026-05-31T15:05:23.8166Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/manifest.21cd61d648887469503b.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"325067f9b4d17d0287eeedd6fc50f2fa","sha1":"e9014820cf0263f5afe9eaa0650b446eeee103f4","sha256":"a6fd97ef364992d3b31841d303df6b05e8a592ff77ac7017ec5b4641fa12368d","sha512":"78ea3808858dc293594b94568df8b6ccdc62cb4cf812dc17b916365891488ac4decc558849197aaff714fa4000aec723cb656ccbd90d322a4ba9f90a6e718510","ssdeep":"","tlshash":"b551a3a9b6aef5e2a7b714a8573b8166b13c35026d2ccc54d3ccd6c62c29c849124bf5","size":2496,"data":"","first_seen":"2026-03-19T06:30:49.997072Z","last_seen":"2026-05-31T15:05:23.794591Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/#/register?shareCode=0HDB","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"fcaea4b8885ca5c1fb3ddd5c490da5c6","sha1":"35745f87b37210d992a9ed534a593ae500b7adaa","sha256":"934c2008743c36db746a9d6ebd9f1b84ff11477edc55fbf7b599bbfa687f7272","sha512":"65e3bda5b8bd909b2fed0a25e3d6d3d7d2984601de4a906783c783097fcd8902ea1c2fa05d33619126415bc5000a72e8459eb81c971a85e2ddb374f9fd9231aa","ssdeep":"","tlshash":"889002c520d965518ad321a061261a46615a04f914a48c5091589c56287303092695bc","size":54,"data":"","first_seen":"2023-04-12T08:25:39Z","last_seen":"2026-05-31T15:05:23.825336Z","times_seen":22452,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"268365k.com/static/js/6.341c8ba6441836b50c29.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:03.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/6.341c8ba6441836b50c29.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-69b2\"\r\nexpires: Tue, 30 Jun 2026 11:22:03 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27058,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (26992), with no line terminators","md5":"4758da8a1117d7a66df1f426118abdbc","sha1":"7cfca4d65dc942c51dd530a449968bd183a213cc","sha256":"de51583363b84d6bf9d9ad52ed714e9a8f7d4b21b68dacb4b55c5646f9efa613","sha512":"c26646d618a62712c9cf08a6cbcf56311f050dbfcf5365133581b2a9fa4f17b94db8fb0180a0dc506e3d96cd6cb7d2cd211c884d110f6c3546deffa955365104","ssdeep":"384:QIV0sK/i/xOaIvows4hc+L8YhiCY2WqOZpm6k/mcAkc6fdcfdXWx+q9A:b0sK/OODLru+L8YhikHzd2dXWh9A","tlshash":"6ec2550fb6c4b56106a764a05467d013627a6a4cf8066c38bb7dc9d3feb8b44d22f72d","first_seen":"2025-09-20T12:21:56.420071Z","last_seen":"2026-05-31T15:05:23.8166Z","times_seen":7,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/css/app.2acc6223a4b16d9a5c43f24efee89d2c.css","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:04.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/css/app.2acc6223a4b16d9a5c43f24efee89d2c.css HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:04 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-e2126\"\r\nexpires: Tue, 30 Jun 2026 11:22:04 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":925990,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"81c3b98331201c27903b5be055530182","sha1":"5c58294e48fe29bdddb6d1bc45987324d1bf493b","sha256":"679b5ed58797cb02453890059d3321e20046991c522223ba6ddfc15c287ba475","sha512":"26dd168d1ad187526d5bfe6b31c619bb30fd9858771f75a2943851da6240ae467314dab9c2f206eee9d08f9fbccc049d8439036687398497489f34e02f9e7eac","ssdeep":"12288:Rada3Kh5evhBsQ5R5TubG42/ouFz8/kQAGzlh:3s5evhBsQ5R6G48ogg/kOT","tlshash":"c9155b33e707321b602bce68a5c02aa95e19d323c01357f9bd56791cdbc758523ab78b","first_seen":"2026-03-19T06:30:49.96074Z","last_seen":"2026-05-31T15:05:23.799217Z","times_seen":15,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:05.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6 HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:05 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 617\r\nexpires: Sun, 31 May 2026 11:22:04 GMT\r\nlast-modified: Sunday, 31-May-2026 11:22:05 GMT\r\ncache-control: no-cache, no-cache, must-revalidate, proxy-revalidate, max-age=0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":617,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (617), with no line terminators","md5":"b6c0d20ba76294a5ea70388a2c628ef3","sha1":"a969cc6e3e6deffd29b8cb1c53fca466ed12a091","sha256":"ebc1e40c947270dbee11e657cb3b1b71130c009b6dc393f991040baf38cd5813","sha512":"3b7a046c6724abc243bc4ab66ea7b5dfdc7ae623467ac017653d05f596705f4d4239330e4cf6fba45f3b35242639943a5cd1c1b4c76914593f3b8df56a4c60f4","ssdeep":"","tlshash":"83f0ac8b5e16c8be59201cca3a79f128d00fdeb23b21cc408ac459ec8c4879c1e3d487","first_seen":"2026-03-19T06:30:50.033046Z","last_seen":"2026-05-31T15:05:23.797478Z","times_seen":15,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":205,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/api/v4/config/public","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:04.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /api/v4/config/public HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nversion: 2.2\r\nfrom: 1\r\ncolorType: 1\r\nos: v2.2\r\nnet: wifi\r\nAuthorization: undefined\r\nLanguage: zh\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:04 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 1502\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\nset-cookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c; expires=Sun, 31-May-2026 23:22:04 GMT; path=/; httponly\r\ncontent-encoding: gzip\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4311,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"18062f319992708def93d59046b50ff1","sha1":"4983bed29e222e50eaad9576c0db0935888b9ce4","sha256":"d240019c5cad74af4bdfb979f17b6286949d620a5d980461a22838ae190fc507","sha512":"fda23f8e132cb0a3337cb7d513a46374a3a06fd3d0809c555ae4b31031744615c8dacf22fc0e825286d9fc43d116b6a110d7cf63b2e6b6616564eb5642148de6","ssdeep":"96:6g3lO4/vvFXPKgaX7hgiXNgiXUgiXJiiX6gdXNQgiXAWgdXggdXb1pkiSUpkiSD:6g3PPK/7hfNfUfJR6ENQfAWEgEb3SMSD","tlshash":"d591842d19ce8c69936201e115cf683db4ca256b1edcb9c6f7bc7d8100a50d56f4f886","first_seen":"2026-05-31T11:22:37.510633Z","last_seen":"2026-05-31T11:22:37.510633Z","times_seen":1,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":239,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/api/v4/config/public","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:05.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /api/v4/config/public HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nversion: 2.2\r\nfrom: 1\r\ncolorType: 1\r\nos: v2.2\r\nnet: wifi\r\nAuthorization: undefined\r\nLanguage: zh\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 1507\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\nset-cookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c; expires=Sun, 31-May-2026 23:22:06 GMT; path=/; httponly\r\ncontent-encoding: gzip\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4323,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2df7c06a0862faf22bd0a3d95f08e9b4","sha1":"2b96fe5a6b1b989659e6f005725e703d9e027a19","sha256":"41539d974499ec878381a84dcd4e124fb790bcf6641c31dd613a739a864190ed","sha512":"a0e7909b2c9c94e9d498e46f6fcd0519578022ba436afaa09803142bb2d3f1561013d49d551df9ce6752513c575e748388b1e8e762e0265b8d44fafc77367702","ssdeep":"96:6g3lO4/vvFXPKgaX7hgiXNgiXUgiXJiiX6gdXNQgiXAWgdXggdXbCs/dHs/dP:6g3PPK/7hfNfUfJR6ENQfAWEgEbCs/dm","tlshash":"eb91413d198d4cb9a32300e0498f6c2db885241f5fecb9c7f7ac7e5100aa0e96b4b496","first_seen":"2026-05-31T11:22:37.511814Z","last_seen":"2026-05-31T11:22:37.511814Z","times_seen":1,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"b365dimg.hbhjhghhhjs.cc/static/B365D/admin/20260123/65c0d1d3e1047a2c00cf90716dd8f0.mp4","fqdn":"b365dimg.hbhjhghhhjs.cc","domain":"hbhjhghhhjs.cc","tld":"cc"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:06.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"b365dimg.hbhjhghhhjs.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:37:06 GMT","end":"Tue, 18 Aug 2026 17:37:05 GMT"},"fingerprint":{"sha1":"BE:D7:ED:42:73:8B:9A:C7:98:19:46:0B:F3:9C:54:C3:EF:CA:56:58","sha256":"47:72:0B:E1:CF:EF:AC:D5:AF:C9:7C:B6:82:20:1F:1F:C3:34:A9:52:FE:73:CF:32:A0:80:77:B8:49:36:08:48"}}},"request":{"raw":"GET /static/B365D/admin/20260123/65c0d1d3e1047a2c00cf90716dd8f0.mp4 HTTP/1.1\r\nHost: b365dimg.hbhjhghhhjs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=4882432-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:07 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 13556\r\nlast-modified: Thu, 22 Jan 2026 17:24:41 GMT\r\netag: \"69725d59-4ab4f4\"\r\nexpires: Fri, 15 May 2026 19:35:21 GMT\r\ncache-control: max-age=60\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS,PUT\r\nby: SuKvVZxOO90IC6Ye, SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ngp-cache-status: HIT\r\ncontent-range: bytes 4882432-4895987/4895988\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13556,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"60813f25e7f55f8f9c2f8bb172fccc40","sha1":"d6b5962ce9c9fccc20e77d0766b77c9e9a5430dc","sha256":"e11ada65e000103876ecca7d8dc9758662a7ced9b1d84334650cbaeab7b62c5e","sha512":"2aff66dfcb11ae0b8d5a6c7cd663d023f36bee7bd29998486ed52ba552e1f14a46b8e0bec4b2d2ab00e220c89048b9365c250ad1a062e85314aa39896f8b1224","ssdeep":"384:MTxjwKiViqugRyIpO5i5i55i5i5i55i5i5i55i5i55i5i5i55i5i5i55i5i5i55U:Ma3iquIn4kkf68/P","tlshash":"7d524d672f831b02d4440bf0d2d3c36112aee55e7aab17874760f2f8ed54650af8e6ad","first_seen":"2026-03-21T23:47:51.025194Z","last_seen":"2026-05-31T15:05:23.791836Z","times_seen":6,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":360,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/css/app.2acc6223a4b16d9a5c43f24efee89d2c.css","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:05.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/css/app.2acc6223a4b16d9a5c43f24efee89d2c.css HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:05 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-e2126\"\r\nexpires: Tue, 30 Jun 2026 11:22:05 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":925990,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"81c3b98331201c27903b5be055530182","sha1":"5c58294e48fe29bdddb6d1bc45987324d1bf493b","sha256":"679b5ed58797cb02453890059d3321e20046991c522223ba6ddfc15c287ba475","sha512":"26dd168d1ad187526d5bfe6b31c619bb30fd9858771f75a2943851da6240ae467314dab9c2f206eee9d08f9fbccc049d8439036687398497489f34e02f9e7eac","ssdeep":"12288:Rada3Kh5evhBsQ5R5TubG42/ouFz8/kQAGzlh:3s5evhBsQ5R6G48ogg/kOT","tlshash":"c9155b33e707321b602bce68a5c02aa95e19d323c01357f9bd56791cdbc758523ab78b","first_seen":"2026-03-19T06:30:49.96074Z","last_seen":"2026-05-31T15:05:23.799217Z","times_seen":15,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/app.4441cdd94c95c27d5f09.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:05.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/app.4441cdd94c95c27d5f09.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-46711\"\r\nexpires: Tue, 30 Jun 2026 11:22:05 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":288529,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65500), with no line terminators","md5":"324e358d076875bd4b9a4a5779c83d0c","sha1":"f0ae5773cc01ee54d8d78e204c1f4f5ad2dd5252","sha256":"3743a476dacd0eb5847a19a0fda558611b2415becf8b77d76a54b640c5c3ad72","sha512":"0ca093c7e93d1ea49c18a7a5b348b6c98d571e5d8364acf156363532489af718af08c1a9bcf58303133a8ac495a6e53cf84e2d04d8e430a68287f50bcfaac3a4","ssdeep":"6144:Edzrehw05nH2QApEd7n+smkv+14Vg36KH4uRrSK9VXRaLrkp5dDxs30HiWotZ:EF05nBA6dKsmkv+96apXRaLrkp5dDxs/","tlshash":"0754283db36bb34815cd3409350f3b7aafa418b3a3aa98cc1d98d58521ead715132fd6","first_seen":"2026-05-31T11:22:37.514191Z","last_seen":"2026-05-31T11:22:37.514191Z","times_seen":1,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/app.4441cdd94c95c27d5f09.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:04.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/app.4441cdd94c95c27d5f09.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-46711\"\r\nexpires: Tue, 30 Jun 2026 11:22:04 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":288529,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65500), with no line terminators","md5":"31da169f4c5c9687ee18ffa62cf08700","sha1":"a31f362ffc3ef9aa853712333c69cef9297debd3","sha256":"d12108b6297c8643b257fc5fe40ccebc492660be06151408a81c7a419cbab45c","sha512":"13ebeb384b8202e64f226665cc71b1e9b5a127d78514725423ff6cd9bfab620fc6ce29a56ca54b4c08fe4d857403cdeacd27a1e0ac13e84bbb30c8f4a5a0b7f1","ssdeep":"6144:Edzrehw05nH2QApEd7n+smkv+14Vg36KH4VwFz8af+K9VXRaLrkp5dDxs30Hosu2:EF05nBA6dKsmkv+96ez8afVXRaLrkp5/","tlshash":"a7642837b34ba75d1af23408306e37e16d9a4c57e3a9f9cf95d4600920f3a199132ee9","first_seen":"2026-05-31T11:22:37.515136Z","last_seen":"2026-05-31T11:22:37.515136Z","times_seen":1,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/api/v1/user/captcha?width=180\u0026height=50\u0026fontSize=24","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:06.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /api/v1/user/captcha?width=180\u0026height=50\u0026fontSize=24 HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nversion: 2.2\r\nfrom: 1\r\ncolorType: 1\r\nos: v2.2\r\nnet: wifi\r\nAuthorization: undefined\r\nLanguage: zh\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 2428\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\nset-cookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c; expires=Sun, 31-May-2026 23:22:06 GMT; path=/; httponly\r\ncontent-encoding: gzip\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3122,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"689a95577c56d2f9df5fd0db24f2ec22","sha1":"eef6d76686d122c69eb0db22afd09bf523c6343d","sha256":"c309c39e72822368d29c61dd7e4bd8397f5f68259d8c1d44860cd47a12ffb4f0","sha512":"13104bac871cd1bd04d4497209ed3f1f744349cb33e834b01a2d404fa5b16e702b3389e7185c986bdc7cd1228fae18923076cf4e4cc0f6809cc9e650889c3ff0","ssdeep":"","tlshash":"85513bfe61cc059087936bf6397999d0ec245bce605d919f690a7a41d09893b380b9c8","first_seen":"2026-05-31T11:22:37.516089Z","last_seen":"2026-05-31T11:22:37.516089Z","times_seen":1,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hga1113.com/favicon.ico","fqdn":"hga1113.com","domain":"hga1113.com","tld":"com"},"ip":{"addr":"103.163.208.152","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hga1113.com/","date":"2026-05-31T11:22:00.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.hga1113.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 18:34:14 GMT","end":"Wed, 08 Jul 2026 18:34:13 GMT"},"fingerprint":{"sha1":"DD:FC:43:51:B2:10:91:3F:4F:CE:33:9A:F1:08:A6:A2:00:F0:4F:C0","sha256":"52:B8:FF:F1:7D:A4:DC:91:45:02:07:A1:AB:19:90:FE:E5:78:CF:0D:C6:83:EA:E6:6A:AB:9E:DF:9E:B5:9E:6F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hga1113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hga1113.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\nserver: Microsoft-IIS/10.0\r\nx-powered-by: ASP.NET\r\ndate: Sun, 31 May 2026 11:21:59 GMT\r\ncontent-length: 1163\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1163,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"b95f02d7712377499e60763a74069631","sha1":"2a6ea7a8c7353bddd6bd7b487842da1feaa525cf","sha256":"5da10042a026a0612186de79cd45da85dfb2e2d71e5749f92f10ae9f91871f68","sha512":"03e939b8cb16223055781ed96668e3426b9eec6c747da9d4071cd0144c218a9e5f725a5bc2fe6e9ba8da1795386ff08434050aa69bb67bc85029ab09ab394ba2","ssdeep":"","tlshash":"f621201992b05d50e65684a070f2b3ea3a4b8646f48b0b99e422722fd8c256290df384","first_seen":"2025-04-07T01:16:36.738328Z","last_seen":"2026-05-31T14:17:36.556693Z","times_seen":5482,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"hga1113.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/css/app.2acc6223a4b16d9a5c43f24efee89d2c.css","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:02.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/css/app.2acc6223a4b16d9a5c43f24efee89d2c.css HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-e2126\"\r\nexpires: Tue, 30 Jun 2026 11:22:02 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":925990,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"81c3b98331201c27903b5be055530182","sha1":"5c58294e48fe29bdddb6d1bc45987324d1bf493b","sha256":"679b5ed58797cb02453890059d3321e20046991c522223ba6ddfc15c287ba475","sha512":"26dd168d1ad187526d5bfe6b31c619bb30fd9858771f75a2943851da6240ae467314dab9c2f206eee9d08f9fbccc049d8439036687398497489f34e02f9e7eac","ssdeep":"12288:Rada3Kh5evhBsQ5R5TubG42/ouFz8/kQAGzlh:3s5evhBsQ5R6G48ogg/kOT","tlshash":"c9155b33e707321b602bce68a5c02aa95e19d323c01357f9bd56791cdbc758523ab78b","first_seen":"2026-03-19T06:30:49.96074Z","last_seen":"2026-05-31T15:05:23.799217Z","times_seen":15,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/6.341c8ba6441836b50c29.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:04.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/6.341c8ba6441836b50c29.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-69b2\"\r\nexpires: Tue, 30 Jun 2026 11:22:04 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27058,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (26992), with no line terminators","md5":"4758da8a1117d7a66df1f426118abdbc","sha1":"7cfca4d65dc942c51dd530a449968bd183a213cc","sha256":"de51583363b84d6bf9d9ad52ed714e9a8f7d4b21b68dacb4b55c5646f9efa613","sha512":"c26646d618a62712c9cf08a6cbcf56311f050dbfcf5365133581b2a9fa4f17b94db8fb0180a0dc506e3d96cd6cb7d2cd211c884d110f6c3546deffa955365104","ssdeep":"384:QIV0sK/i/xOaIvows4hc+L8YhiCY2WqOZpm6k/mcAkc6fdcfdXWx+q9A:b0sK/OODLru+L8YhikHzd2dXWh9A","tlshash":"6ec2550fb6c4b56106a764a05467d013627a6a4cf8066c38bb7dc9d3feb8b44d22f72d","first_seen":"2025-09-20T12:21:56.420071Z","last_seen":"2026-05-31T15:05:23.8166Z","times_seen":7,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/favicon.ico","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:04.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:05 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 617\r\nexpires: Tue, 19 May 2026 15:11:41 GMT\r\nlast-modified: Tuesday, 19-May-2026 15:11:42 GMT\r\ncache-control: no-cache, no-cache, must-revalidate, proxy-revalidate, max-age=0\r\ngp-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":617,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (617), with no line terminators","md5":"b6c0d20ba76294a5ea70388a2c628ef3","sha1":"a969cc6e3e6deffd29b8cb1c53fca466ed12a091","sha256":"ebc1e40c947270dbee11e657cb3b1b71130c009b6dc393f991040baf38cd5813","sha512":"3b7a046c6724abc243bc4ab66ea7b5dfdc7ae623467ac017653d05f596705f4d4239330e4cf6fba45f3b35242639943a5cd1c1b4c76914593f3b8df56a4c60f4","ssdeep":"","tlshash":"83f0ac8b5e16c8be59201cca3a79f128d00fdeb23b21cc408ac459ec8c4879c1e3d487","first_seen":"2026-03-19T06:30:50.033046Z","last_seen":"2026-05-31T15:05:23.797478Z","times_seen":15,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/api/v4/config/public","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:03.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /api/v4/config/public HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nversion: 2.2\r\nfrom: 1\r\ncolorType: 1\r\nos: v2.2\r\nnet: wifi\r\nAuthorization: undefined\r\nLanguage: zh\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:03 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 1507\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\nset-cookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c; expires=Sun, 31-May-2026 23:22:03 GMT; path=/; httponly\r\ncontent-encoding: gzip\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4325,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"54d92aa3cbcb7cf5345e27d20e4bb8f6","sha1":"cb3de912ebb6e10d57bcb0bd377c78fbe2db0870","sha256":"0c3af19954ad5d1fd8632a2832c1f2980d20d0ed8b619934196c2f8f2c5c3298","sha512":"50cf45412e59ddd81542fecdf4acd654cdec9dafa240a546561f3252d61932dd8a275951f5e458bde3f3071afd1ab85b1463d994c60cc937e151478641e00e8a","ssdeep":"96:6g3lO4/vvFXPKgaX7hgiXNgiXUgiXJiiX6gdXNQgiXAWgdXggdXbEdGBdGM:6g3PPK/7hfNfUfJR6ENQfAWEgEbEsBsM","tlshash":"5c91622919cd48a9d79300e046cf692eb4c9141b5edcb8d6f7bd3e81009b0d86b8b89b","first_seen":"2026-05-31T11:22:37.517651Z","last_seen":"2026-05-31T11:22:37.517651Z","times_seen":1,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":252,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1.21302132.com/tongji/?v=1.2","fqdn":"1.21302132.com","domain":"21302132.com","tld":"com"},"ip":{"addr":"103.163.208.152","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hga1113.com/","date":"2026-05-31T11:22:00.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"1.21302132.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 18:33:04 GMT","end":"Fri, 31 Jul 2026 18:33:03 GMT"},"fingerprint":{"sha1":"C2:C7:D1:31:F4:05:12:BD:7B:81:23:B3:A6:9E:B5:94:AF:A9:59:2C","sha256":"DF:E3:51:7A:D6:10:15:F3:04:BE:A0:90:E9:9F:27:60:68:E2:E7:AF:D6:49:75:2C:24:63:3B:05:8F:0E:45:4D"}}},"request":{"raw":"GET /tongji/?v=1.2 HTTP/1.1\r\nHost: 1.21302132.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hga1113.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/10.0\r\nx-powered-by: ClassCMS, ASP.NET\r\ndate: Sun, 31 May 2026 11:22:01 GMT\r\ncontent-length: 1073\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":2800,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"a134a85b3131ce0b2c7520b22b2a10f1","sha1":"97b71324fd3da0e3d51c13bcec4a87cc43020fba","sha256":"a7fdf086f155bf92a004e4a00557b72d69914a2f0d92be88db766ef95d0f2d65","sha512":"faf5c8ae6a2fe9e3fecd69cc9bbfb995f95a518e9d12cc4258ce23e1e5aa44d964b0d435c357357e8c13a311e7b39a9ad2f94a4c9d5101487993610af3a1ecdb","ssdeep":"","tlshash":"6651df9955a2e3e604b377dfaf6fa303b4654107384bc4263d5c00892f2346be1d87d9","first_seen":"2025-05-18T12:30:21.04523Z","last_seen":"2026-05-31T15:05:23.806171Z","times_seen":86,"resource_available":true,"data":null}},"time_used":1987,"timings":{"blocked":855,"dns":62,"connect":259,"send":0,"wait":276,"receive":0,"ssl":533},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"1.21302132.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1.21302132.com/tongji/ping/?hash=af7RMbDTtK\u0026url=https%3A%2F%2Fhga1113.com%2F\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026u=BQIzPWYxyf\u0026rnd=0.5978637320122098","fqdn":"1.21302132.com","domain":"21302132.com","tld":"com"},"ip":{"addr":"103.163.208.152","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://hga1113.com/","date":"2026-05-31T11:22:01.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"1.21302132.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 18:33:04 GMT","end":"Fri, 31 Jul 2026 18:33:03 GMT"},"fingerprint":{"sha1":"C2:C7:D1:31:F4:05:12:BD:7B:81:23:B3:A6:9E:B5:94:AF:A9:59:2C","sha256":"DF:E3:51:7A:D6:10:15:F3:04:BE:A0:90:E9:9F:27:60:68:E2:E7:AF:D6:49:75:2C:24:63:3B:05:8F:0E:45:4D"}}},"request":{"raw":"POST /tongji/ping/?hash=af7RMbDTtK\u0026url=https%3A%2F%2Fhga1113.com%2F\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026u=BQIzPWYxyf\u0026rnd=0.5978637320122098 HTTP/1.1\r\nHost: 1.21302132.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hga1113.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hga1113.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: Microsoft-IIS/10.0\r\naccess-control-allow-origin: *\r\nx-powered-by: ClassCMS, ASP.NET\r\ndate: Sun, 31 May 2026 11:22:01 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T15:30:59.550945Z","times_seen":15964973,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"1.21302132.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/0.b6747324b034b4af5af8.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:04.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/0.b6747324b034b4af5af8.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-15b8e8\"\r\nexpires: Tue, 30 Jun 2026 11:22:04 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1423592,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"fe5fdeec2c7ad3bf25a4c2a26b29ec67","sha1":"4818c74b0cfd2555a4a10a1ceb6dbd0a7e803a71","sha256":"da7d43f94d2e040413a06b6c2e2352f03f65aebb012117b365547ee76abf2290","sha512":"e6cc267580fdbd1a0d15158e2e53534d98208fc6e0694aa2f7b65bbb0ddf85e544d8c79b32567af7c44a0df8430549c33a04d5f701dff5e69f5953e1f9db606d","ssdeep":"24576:4C+hxNMInuQkVV7zDSqJYpDwvVeTjdYOjn6i2p:GkVtzDf0jT2","tlshash":"75256d6a354279d307bba0e1581f644ddce75445e089840477aceae9f8bab0da31fe3c","first_seen":"2026-03-19T06:30:49.97548Z","last_seen":"2026-05-31T15:05:23.786339Z","times_seen":15,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"b365dimg.hbhjhghhhjs.cc/static/B365D/admin/20260123/2a16769603ba104142340d7c0949f7.png","fqdn":"b365dimg.hbhjhghhhjs.cc","domain":"hbhjhghhhjs.cc","tld":"cc"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:05.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"b365dimg.hbhjhghhhjs.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:37:06 GMT","end":"Tue, 18 Aug 2026 17:37:05 GMT"},"fingerprint":{"sha1":"BE:D7:ED:42:73:8B:9A:C7:98:19:46:0B:F3:9C:54:C3:EF:CA:56:58","sha256":"47:72:0B:E1:CF:EF:AC:D5:AF:C9:7C:B6:82:20:1F:1F:C3:34:A9:52:FE:73:CF:32:A0:80:77:B8:49:36:08:48"}}},"request":{"raw":"GET /static/B365D/admin/20260123/2a16769603ba104142340d7c0949f7.png HTTP/1.1\r\nHost: b365dimg.hbhjhghhhjs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 348867\r\nlast-modified: Thu, 22 Jan 2026 17:21:48 GMT\r\netag: \"69725cac-552c3\"\r\nexpires: Thu, 11 Jun 2026 15:43:42 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS,PUT\r\nby: SuKvVZxOO90IC6Ye, SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ngp-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":348867,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 720 x 480, 8-bit/color RGB, non-interlaced","md5":"532a16769603ba104142340d7c0949f7","sha1":"254ae86a56260409ab36f329dcbc792a6087bb06","sha256":"e6df2007d6e2053474724ec75a8044a9795d9afc7ee28d9cd6a851d32aaa4a0f","sha512":"877bdda3cace901f56acc4a9216f9f5d3592270f260d842f5c8c1409b1af00808f094d1157a8a6ce7175794f3c5179c864d8d7deeff398b61241c90f9793031c","ssdeep":"6144:sASCqnQl2QDcqnougs/C4gQOEC+yGqWIYUNVsoVpRLMtJM268ZsnCTRPc+c6j:DlwQIQDNFx6JFWIXXTpaJM268fcA","tlshash":"d8742331e97df0b208067ef25f56b88616ba14047ab766f4f073c0ae6524e3b6b5439c","first_seen":"2026-03-21T23:47:51.026789Z","last_seen":"2026-05-31T15:05:23.811858Z","times_seen":6,"resource_available":false,"data":null}},"time_used":3430,"timings":{"blocked":1051,"dns":632,"connect":207,"send":0,"wait":636,"receive":690,"ssl":210},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/api/v1/lottery/lobby","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:06.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /api/v1/lottery/lobby HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nversion: 2.2\r\nfrom: 1\r\ncolorType: 1\r\nos: v2.2\r\nnet: wifi\r\nAuthorization: undefined\r\nLanguage: zh\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 2822\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\nset-cookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c; expires=Sun, 31-May-2026 23:22:06 GMT; path=/; httponly\r\ncontent-encoding: gzip\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16556,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (15388), with no line terminators","md5":"8ef59c93e5db606f2f7282772146cb54","sha1":"ed807597e6861f14bc3759333b95f30d43b8b8a7","sha256":"150514b49d53dc0aff19bb78fd33d186a0ec83c2f96e49c5ece23c908d6a4321","sha512":"0c023770740761d6bdae068c0e61cd8124da7a0fd9c69054533de8e37776882fcd819218a66a5731c988837ba26066eb6cca701b1225501f45721860bbfa540b","ssdeep":"192:aD/2OmD3qZP++abHmUlv/wSC+SsOPWWSRAyfsz1jdX4avjmouLRVzFtdxmbdkP+X:aDOOnktuvY+","tlshash":"ee72883dbaed9ce70295c8c0c19f39eb9085116789a82cc2666cff5c48eb65e5a4f0d1","first_seen":"2026-05-31T11:22:37.521399Z","last_seen":"2026-05-31T11:22:37.521399Z","times_seen":1,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hga1113.com/","fqdn":"hga1113.com","domain":"hga1113.com","tld":"com"},"ip":{"addr":"103.163.208.152","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-31T11:21:58.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.hga1113.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 18:34:14 GMT","end":"Wed, 08 Jul 2026 18:34:13 GMT"},"fingerprint":{"sha1":"DD:FC:43:51:B2:10:91:3F:4F:CE:33:9A:F1:08:A6:A2:00:F0:4F:C0","sha256":"52:B8:FF:F1:7D:A4:DC:91:45:02:07:A1:AB:19:90:FE:E5:78:CF:0D:C6:83:EA:E6:6A:AB:9E:DF:9E:B5:9E:6F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hga1113.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 21 May 2026 13:26:56 GMT\r\naccept-ranges: bytes\r\netag: \"51db7f25e9dc1:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/10.0\r\nx-powered-by: ASP.NET\r\ndate: Sun, 31 May 2026 11:21:59 GMT\r\ncontent-length: 355\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":301,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"82decb259a2206a6293dca4ef2faed99","sha1":"fded1331a6e0302b5a78ce02812accc26e92ea00","sha256":"e257735390b749b9de74bb57a6e60dcea57419cdc64278bda340813a1204bb0e","sha512":"9cacdd0efb12dba9fdcdcbf363bfb84bc0eedb6db24141c94f6f8706722f4d00353b2de905f827e65c3fd0ef757bce03c4aa2dbb11e6b2936e822853a2059064","ssdeep":"","tlshash":"39e0729e3c04c8321ba42076203ad02db022301448098060c8aa84ca2932ff3cc4bb09","first_seen":"2026-05-31T06:29:09.371496Z","last_seen":"2026-05-31T15:05:23.785128Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1997,"timings":{"blocked":867,"dns":71,"connect":260,"send":0,"wait":263,"receive":0,"ssl":533},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"hga1113.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"hga1113.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"b365dimg.hbhjhghhhjs.cc/static/B365D/admin/20260123/65c0d1d3e1047a2c00cf90716dd8f0.mp4","fqdn":"b365dimg.hbhjhghhhjs.cc","domain":"hbhjhghhhjs.cc","tld":"cc"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:05.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"b365dimg.hbhjhghhhjs.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:37:06 GMT","end":"Tue, 18 Aug 2026 17:37:05 GMT"},"fingerprint":{"sha1":"BE:D7:ED:42:73:8B:9A:C7:98:19:46:0B:F3:9C:54:C3:EF:CA:56:58","sha256":"47:72:0B:E1:CF:EF:AC:D5:AF:C9:7C:B6:82:20:1F:1F:C3:34:A9:52:FE:73:CF:32:A0:80:77:B8:49:36:08:48"}}},"request":{"raw":"GET /static/B365D/admin/20260123/65c0d1d3e1047a2c00cf90716dd8f0.mp4 HTTP/1.1\r\nHost: b365dimg.hbhjhghhhjs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 4895988\r\nlast-modified: Thu, 22 Jan 2026 17:24:41 GMT\r\netag: \"69725d59-4ab4f4\"\r\nexpires: Thu, 14 May 2026 12:26:38 GMT\r\ncache-control: max-age=60\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS,PUT\r\nby: SuKvVZxOO90IC6Ye, SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ngp-cache-status: HIT\r\ncontent-range: bytes 0-4895987/4895988\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32768,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"b10c09376dc867c8f981c6844d5c9659","sha1":"6d0ceb352e0e94f2db870424e96da3e69c2f8ab7","sha256":"22c86849feb5495940ca402cb0b321651069700977492ba308c6d7ab91191ce5","sha512":"2174c2deb71236ecfa446bba7f8187ea49cf1dd0d445074e16540b6549dea64bb3f557519478306ed8c9116317bbfb532ca5fd66869d14913aa9d897e2f2dbed","ssdeep":"768:UZRJ3N8EeUjvC9kydH23X93pZtaebLFs0y:Uo7U2vmXvZUQJy","tlshash":"cae2e1d623c4e35304d1a673ba938c9e7f2313d3071e03967a0a27d52c66d484a79f5b","first_seen":"2026-05-31T06:28:49.291402Z","last_seen":"2026-05-31T15:05:23.822958Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2885,"timings":{"blocked":1205,"dns":793,"connect":202,"send":0,"wait":403,"receive":68,"ssl":211},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/2.a424b237739620ad571e.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:05.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/2.a424b237739620ad571e.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-150f8\"\r\nexpires: Tue, 30 Jun 2026 11:22:05 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86264,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64100), with no line terminators","md5":"69735a226787aab5f63faa40cfa1321f","sha1":"4a457b3334c23f842cadddb64849e7a4771511c7","sha256":"3ab6aca66352ef530196fbfdf49b8f8dc85c485f91706a0fefe1df8c90e7582a","sha512":"4ca429117d7780a74589fe5a5a734e882418c275ba80577c8fa33064f7d62a8e2ca99a063525cf5f1454bd90cf0c9916187045d176e70e6b2354066a7de71128","ssdeep":"1536:U5yx6wKDu4Sq0ZSgaIBvqA3oEoW5B7UEAJ3rofUVbqqZgXepl5502qYojWGRLoLo:K7wKDue0MIBn3oEoQ2q5Wo9fFpag","tlshash":"0e835e2af79a75564ba66050002f3414ae776facb0098029f53eaaf57799f44132ff3c","first_seen":"2026-03-19T06:30:49.989928Z","last_seen":"2026-05-31T15:05:23.801832Z","times_seen":15,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"video.mayivideo.xyz/notice?mcode=1325\u0026time=1780226526\u0026sign=B4bD/pm+NFkB60CZju364Agblrca14ZHkgQDa92ln76PzDlJ8/wcRsFHVdEVSRrcU1rNBJCoIbK+LX3PkmH7bcY7IZPoNcynoqnoeFBYkuLPouQQpcJXKeyzCUuo8H08tYB1j50Ui16cnKZIuWRpSgWqcJib+mg8xL1XIJjeGxMX58qQ1Z52Nxz1gY1IVuTaH9GM5XmUD0PoYxKCNyBP4c8aV8rjnRj4+01MY2jzOHaB6lBla3e7AiSZwQc2WbBFx8ESFxrWNE/1Jl7l5uQNPqosB4BgbG5rIDVgqbJBeSjdOF/KX/9o/LMeNmtnNOJZSg0v0RIAk6lTyZU9EJMYkQ==","fqdn":"video.mayivideo.xyz","domain":"mayivideo.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:06.448Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /notice?mcode=1325\u0026time=1780226526\u0026sign=B4bD/pm+NFkB60CZju364Agblrca14ZHkgQDa92ln76PzDlJ8/wcRsFHVdEVSRrcU1rNBJCoIbK+LX3PkmH7bcY7IZPoNcynoqnoeFBYkuLPouQQpcJXKeyzCUuo8H08tYB1j50Ui16cnKZIuWRpSgWqcJib+mg8xL1XIJjeGxMX58qQ1Z52Nxz1gY1IVuTaH9GM5XmUD0PoYxKCNyBP4c8aV8rjnRj4+01MY2jzOHaB6lBla3e7AiSZwQc2WbBFx8ESFxrWNE/1Jl7l5uQNPqosB4BgbG5rIDVgqbJBeSjdOF/KX/9o/LMeNmtnNOJZSg0v0RIAk6lTyZU9EJMYkQ== HTTP/1.1\r\nHost: video.mayivideo.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://268365k.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 7d7h+qNmwvGdyDRoNsXf9Q==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T15:30:59.550945Z","times_seen":15964973,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/#/register?shareCode=0HDB","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-31T11:22:01.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:02 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 617\r\nexpires: Sun, 31 May 2026 11:22:01 GMT\r\nlast-modified: Sunday, 31-May-2026 11:22:02 GMT\r\ncache-control: no-cache, no-cache, must-revalidate, proxy-revalidate, max-age=0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":617,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (617), with no line terminators","md5":"b6c0d20ba76294a5ea70388a2c628ef3","sha1":"a969cc6e3e6deffd29b8cb1c53fca466ed12a091","sha256":"ebc1e40c947270dbee11e657cb3b1b71130c009b6dc393f991040baf38cd5813","sha512":"3b7a046c6724abc243bc4ab66ea7b5dfdc7ae623467ac017653d05f596705f4d4239330e4cf6fba45f3b35242639943a5cd1c1b4c76914593f3b8df56a4c60f4","ssdeep":"","tlshash":"83f0ac8b5e16c8be59201cca3a79f128d00fdeb23b21cc408ac459ec8c4879c1e3d487","first_seen":"2026-03-19T06:30:50.033046Z","last_seen":"2026-05-31T15:05:23.797478Z","times_seen":15,"resource_available":true,"data":null}},"time_used":1150,"timings":{"blocked":472,"dns":62,"connect":202,"send":0,"wait":205,"receive":0,"ssl":206},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/39.0870158ab4de11f2c199.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:03.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/39.0870158ab4de11f2c199.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-2b44\"\r\nexpires: Tue, 30 Jun 2026 11:22:03 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11076,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (11076), with no line terminators","md5":"84b948edf3628ff28216fb407e08eafe","sha1":"55601fcd0622b06bd24217219e99c79f53e2c441","sha256":"4608e5b8a3da9dc4cad1d90b8892790c4c694f2927d9fd5daaa6a85b86de636d","sha512":"a78e7c4a6a65b55cdbffe39a0da2e4ec534c222db42e033a227d8ae633f3ea5a72960c810db535b4552c617589938d7fcd9705bc6349015819a53fc155b2b556","ssdeep":"192:1ibTQMRbwQoLn7bwKg6IaVGham4/Kp8m+5rI6zU0U3fCGjovvufai:1idRcf70Kg6JGhVU1PzU0UPCuovWCi","tlshash":"9132742b5dd81a89b2d1fcc122d33459e317d85f26219681bdd3178b1cbec0cb52ee8a","first_seen":"2025-03-10T07:24:07.586727Z","last_seen":"2026-05-31T15:05:23.806998Z","times_seen":31,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/vendor.2a4c2f906e01d29ddeb7.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:05.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/vendor.2a4c2f906e01d29ddeb7.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-78f63\"\r\nexpires: Tue, 30 Jun 2026 11:22:05 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":495459,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"c51e4e0d560687bdd05293564f5217b8","sha1":"552cda65c0dbb4b5204f02f5837a172d810c4b9f","sha256":"47d62ea33e4c484a3a11f2e6ddc9de7aea096ca866c64a8790f54b05b59140a5","sha512":"1c11cac041e3ee161ffaed11ac93c70e2afd43a3135d91b57089d05350719bf83e08f943127eea4638a5f60d6ff272d97ffaf3330f2d35365f8a2bfbd0102477","ssdeep":"6144:OGVPHICTAEIbrbaGKcxJ6N9g8kC1HowrajfRn4zN45tW63zy1bT0fxJIM:VtJAdbrbskQpzfM","tlshash":"ceb4198db291b0a503e360a5412f520bf23b6819740ac0dcf679e8e6adbc94d517bf7d","first_seen":"2023-04-01T11:11:01Z","last_seen":"2026-05-31T15:05:23.815876Z","times_seen":37,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"b365dimg.hbhjhghhhjs.cc/static/B365D/admin/20260126/06a403109aa9b443f07b264f0f339a.png","fqdn":"b365dimg.hbhjhghhhjs.cc","domain":"hbhjhghhhjs.cc","tld":"cc"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:05.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"b365dimg.hbhjhghhhjs.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:37:06 GMT","end":"Tue, 18 Aug 2026 17:37:05 GMT"},"fingerprint":{"sha1":"BE:D7:ED:42:73:8B:9A:C7:98:19:46:0B:F3:9C:54:C3:EF:CA:56:58","sha256":"47:72:0B:E1:CF:EF:AC:D5:AF:C9:7C:B6:82:20:1F:1F:C3:34:A9:52:FE:73:CF:32:A0:80:77:B8:49:36:08:48"}}},"request":{"raw":"GET /static/B365D/admin/20260126/06a403109aa9b443f07b264f0f339a.png HTTP/1.1\r\nHost: b365dimg.hbhjhghhhjs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 10719\r\nlast-modified: Mon, 26 Jan 2026 14:52:10 GMT\r\netag: \"69777f9a-29df\"\r\nexpires: Thu, 11 Jun 2026 15:43:42 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS,PUT\r\nby: SuKvVZxOO90IC6Ye, SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ngp-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10719,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 504 x 471, 8-bit/color RGBA, non-interlaced","md5":"9b06a403109aa9b443f07b264f0f339a","sha1":"3ae720b2484fc2f9f8242afbe03acef8019fce55","sha256":"2235e48e340b960e81db9a8cdfec6f35bb06943fc87637e068573f6dcfb8f352","sha512":"6b5d5ae2ad4e8add93a3f6335644ad62de61919faf0c129748a9804cb64364933852660ec0e83c3ab20b90ddc77835b9931007c264bc60adb2e8de4a421426f9","ssdeep":"192:5NbZSqZd6VrU9uhrtg77JEWD9Y29uppmhEQ8lTkvbPevlT:55rDU677GzwulQ8Jkv6lT","tlshash":"5a225b54dc733a548a62d8e019f8c94d3be64c42ecbc03f3a8260c5f9b179f1ae6a351","first_seen":"2026-03-21T23:47:50.988749Z","last_seen":"2026-05-31T15:05:23.798395Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2002,"timings":{"blocked":1049,"dns":0,"connect":0,"send":0,"wait":636,"receive":107,"ssl":210},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/41.2ae5fe621f3380fd7c39.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:05.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/41.2ae5fe621f3380fd7c39.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-2601\"\r\nexpires: Tue, 30 Jun 2026 11:22:05 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9729,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (9729), with no line terminators","md5":"5638d025c0cdfc47c426c760b90942e4","sha1":"35eaf9ebb06aa051fa812fb4c5816b61c2b53dc9","sha256":"720cec1463ba868179550291b22b1302ee85806bc9a687d9480dab8b9c1171ec","sha512":"8ec720d6bf5504a807dd1b5852b0e57fa5612b71186e15ad48584129887090ea4f8e22a3c881de61970effec1867c7d34eecbfcc76e345fe3dc8f783c390e8be","ssdeep":"192:8LrTCPSFKx6zSUQPex/pAJ1Kyg9fJkzsvI5RmSdPIhyefXQiAg5:8LruPDkl78cyg9fJGhPmSdPIhysbAg5","tlshash":"e912722f8ee81ad5b2d0fcc121d334aee327d46d6691a190b9d727470cadd0cb50af4a","first_seen":"2023-04-01T11:11:02Z","last_seen":"2026-05-31T15:05:23.793641Z","times_seen":29,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"video.mayivideo.xyz/notice?mcode=1325\u0026time=1780226526\u0026sign=B4bD/pm+NFkB60CZju364Agblrca14ZHkgQDa92ln76PzDlJ8/wcRsFHVdEVSRrcU1rNBJCoIbK+LX3PkmH7bcY7IZPoNcynoqnoeFBYkuLPouQQpcJXKeyzCUuo8H08tYB1j50Ui16cnKZIuWRpSgWqcJib+mg8xL1XIJjeGxMX58qQ1Z52Nxz1gY1IVuTaH9GM5XmUD0PoYxKCNyBP4c8aV8rjnRj4+01MY2jzOHaB6lBla3e7AiSZwQc2WbBFx8ESFxrWNE/1Jl7l5uQNPqosB4BgbG5rIDVgqbJBeSjdOF/KX/9o/LMeNmtnNOJZSg0v0RIAk6lTyZU9EJMYkQ==","fqdn":"video.mayivideo.xyz","domain":"mayivideo.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:11.680Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /notice?mcode=1325\u0026time=1780226526\u0026sign=B4bD/pm+NFkB60CZju364Agblrca14ZHkgQDa92ln76PzDlJ8/wcRsFHVdEVSRrcU1rNBJCoIbK+LX3PkmH7bcY7IZPoNcynoqnoeFBYkuLPouQQpcJXKeyzCUuo8H08tYB1j50Ui16cnKZIuWRpSgWqcJib+mg8xL1XIJjeGxMX58qQ1Z52Nxz1gY1IVuTaH9GM5XmUD0PoYxKCNyBP4c8aV8rjnRj4+01MY2jzOHaB6lBla3e7AiSZwQc2WbBFx8ESFxrWNE/1Jl7l5uQNPqosB4BgbG5rIDVgqbJBeSjdOF/KX/9o/LMeNmtnNOJZSg0v0RIAk6lTyZU9EJMYkQ== HTTP/1.1\r\nHost: video.mayivideo.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://268365k.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: FsskNUoRm6uUzeWEu6W2vg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T15:30:59.550945Z","times_seen":15964973,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/41.2ae5fe621f3380fd7c39.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:04.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/41.2ae5fe621f3380fd7c39.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-2601\"\r\nexpires: Tue, 30 Jun 2026 11:22:04 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9729,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (9729), with no line terminators","md5":"5638d025c0cdfc47c426c760b90942e4","sha1":"35eaf9ebb06aa051fa812fb4c5816b61c2b53dc9","sha256":"720cec1463ba868179550291b22b1302ee85806bc9a687d9480dab8b9c1171ec","sha512":"8ec720d6bf5504a807dd1b5852b0e57fa5612b71186e15ad48584129887090ea4f8e22a3c881de61970effec1867c7d34eecbfcc76e345fe3dc8f783c390e8be","ssdeep":"192:8LrTCPSFKx6zSUQPex/pAJ1Kyg9fJkzsvI5RmSdPIhyefXQiAg5:8LruPDkl78cyg9fJGhPmSdPIhysbAg5","tlshash":"e912722f8ee81ad5b2d0fcc121d334aee327d46d6691a190b9d727470cadd0cb50af4a","first_seen":"2023-04-01T11:11:02Z","last_seen":"2026-05-31T15:05:23.793641Z","times_seen":29,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/vendor.2a4c2f906e01d29ddeb7.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:02.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/vendor.2a4c2f906e01d29ddeb7.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-78f63\"\r\nexpires: Tue, 30 Jun 2026 11:22:02 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":495459,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"c51e4e0d560687bdd05293564f5217b8","sha1":"552cda65c0dbb4b5204f02f5837a172d810c4b9f","sha256":"47d62ea33e4c484a3a11f2e6ddc9de7aea096ca866c64a8790f54b05b59140a5","sha512":"1c11cac041e3ee161ffaed11ac93c70e2afd43a3135d91b57089d05350719bf83e08f943127eea4638a5f60d6ff272d97ffaf3330f2d35365f8a2bfbd0102477","ssdeep":"6144:OGVPHICTAEIbrbaGKcxJ6N9g8kC1HowrajfRn4zN45tW63zy1bT0fxJIM:VtJAdbrbskQpzfM","tlshash":"ceb4198db291b0a503e360a5412f520bf23b6819740ac0dcf679e8e6adbc94d517bf7d","first_seen":"2023-04-01T11:11:01Z","last_seen":"2026-05-31T15:05:23.815876Z","times_seen":37,"resource_available":true,"data":null}},"time_used":631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":631,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"video.mayivideo.xyz/notice?mcode=1325\u0026time=1780226526\u0026sign=B4bD/pm+NFkB60CZju364Agblrca14ZHkgQDa92ln76PzDlJ8/wcRsFHVdEVSRrcU1rNBJCoIbK+LX3PkmH7bcY7IZPoNcynoqnoeFBYkuLPouQQpcJXKeyzCUuo8H08tYB1j50Ui16cnKZIuWRpSgWqcJib+mg8xL1XIJjeGxMX58qQ1Z52Nxz1gY1IVuTaH9GM5XmUD0PoYxKCNyBP4c8aV8rjnRj4+01MY2jzOHaB6lBla3e7AiSZwQc2WbBFx8ESFxrWNE/1Jl7l5uQNPqosB4BgbG5rIDVgqbJBeSjdOF/KX/9o/LMeNmtnNOJZSg0v0RIAk6lTyZU9EJMYkQ==","fqdn":"video.mayivideo.xyz","domain":"mayivideo.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:16.680Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /notice?mcode=1325\u0026time=1780226526\u0026sign=B4bD/pm+NFkB60CZju364Agblrca14ZHkgQDa92ln76PzDlJ8/wcRsFHVdEVSRrcU1rNBJCoIbK+LX3PkmH7bcY7IZPoNcynoqnoeFBYkuLPouQQpcJXKeyzCUuo8H08tYB1j50Ui16cnKZIuWRpSgWqcJib+mg8xL1XIJjeGxMX58qQ1Z52Nxz1gY1IVuTaH9GM5XmUD0PoYxKCNyBP4c8aV8rjnRj4+01MY2jzOHaB6lBla3e7AiSZwQc2WbBFx8ESFxrWNE/1Jl7l5uQNPqosB4BgbG5rIDVgqbJBeSjdOF/KX/9o/LMeNmtnNOJZSg0v0RIAk6lTyZU9EJMYkQ== HTTP/1.1\r\nHost: video.mayivideo.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://268365k.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: xyC+GruivDKLWtuooxDiQg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T15:30:59.550945Z","times_seen":15964973,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/app.4441cdd94c95c27d5f09.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:02.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/app.4441cdd94c95c27d5f09.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-46711\"\r\nexpires: Tue, 30 Jun 2026 11:22:02 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":288529,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65500), with no line terminators","md5":"8bcbda9a5b1662031d23728362deda8a","sha1":"9cf9a732a9ad382e2d387cbeaa3739096a34157f","sha256":"fb3b841a9c609a2e2478f8d436aa42db3ab375b4845dd2944bec6024b5a90951","sha512":"dbf71f6a63579a873b3e853e3617088bf8cd1c509c41fb33d79552de7f9cae4b22b724d65f88ea23568fabdce032e4424e7aa631b3859d49e04348a61901ea86","ssdeep":"6144:Edzrehw05nH2QApEd7n+smkv+14Vg36KH4fwFVK9VXRaLrkp5dDxs30HosuCgTUT:EF05nBA6dKsmkv+96U0XRaLrkp5dDxsC","tlshash":"d764393af34bb34d16ea3408345f37b56f950867e3aaf8cf5994e40521e2e255032ee9","first_seen":"2026-05-31T11:22:37.52846Z","last_seen":"2026-05-31T11:22:37.52846Z","times_seen":1,"resource_available":false,"data":null}},"time_used":629,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":629,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/vendor.2a4c2f906e01d29ddeb7.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:04.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/vendor.2a4c2f906e01d29ddeb7.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-78f63\"\r\nexpires: Tue, 30 Jun 2026 11:22:04 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":495459,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"c51e4e0d560687bdd05293564f5217b8","sha1":"552cda65c0dbb4b5204f02f5837a172d810c4b9f","sha256":"47d62ea33e4c484a3a11f2e6ddc9de7aea096ca866c64a8790f54b05b59140a5","sha512":"1c11cac041e3ee161ffaed11ac93c70e2afd43a3135d91b57089d05350719bf83e08f943127eea4638a5f60d6ff272d97ffaf3330f2d35365f8a2bfbd0102477","ssdeep":"6144:OGVPHICTAEIbrbaGKcxJ6N9g8kC1HowrajfRn4zN45tW63zy1bT0fxJIM:VtJAdbrbskQpzfM","tlshash":"ceb4198db291b0a503e360a5412f520bf23b6819740ac0dcf679e8e6adbc94d517bf7d","first_seen":"2023-04-01T11:11:01Z","last_seen":"2026-05-31T15:05:23.815876Z","times_seen":37,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/api/v1/config/config","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:05.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /api/v1/config/config HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nversion: 2.2\r\nfrom: 1\r\ncolorType: 1\r\nos: v2.2\r\nnet: wifi\r\nAuthorization: undefined\r\nLanguage: zh\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 655\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\nset-cookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c; expires=Sun, 31-May-2026 23:22:05 GMT; path=/; httponly\r\ncontent-encoding: gzip\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1600,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"882f20c16d53e7fc2818a65841086bc9","sha1":"084b1ffe96d58ff77868c5f28dc794032a650423","sha256":"26c2b100a577474e07bb3025aca0540fd3bbe7aad38422a079fd9c9c0efba5bf","sha512":"2599ffc09a2ad80b54937ca07f34dfa376aa6e6033c1be050f1a2733c205f76c394fb4c62bf8ea5879d673711501cc812507e1124c7f426a7b1ecbd0638ab40b","ssdeep":"","tlshash":"ef31459067bb9873a6935482aecf3046425ffb3214889f8bc99cb59801fc41f772517d","first_seen":"2026-05-31T11:22:37.529362Z","last_seen":"2026-05-31T11:22:37.529362Z","times_seen":1,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/0.b6747324b034b4af5af8.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:05.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/0.b6747324b034b4af5af8.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-15b8e8\"\r\nexpires: Tue, 30 Jun 2026 11:22:05 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1423592,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"fe5fdeec2c7ad3bf25a4c2a26b29ec67","sha1":"4818c74b0cfd2555a4a10a1ceb6dbd0a7e803a71","sha256":"da7d43f94d2e040413a06b6c2e2352f03f65aebb012117b365547ee76abf2290","sha512":"e6cc267580fdbd1a0d15158e2e53534d98208fc6e0694aa2f7b65bbb0ddf85e544d8c79b32567af7c44a0df8430549c33a04d5f701dff5e69f5953e1f9db606d","ssdeep":"24576:4C+hxNMInuQkVV7zDSqJYpDwvVeTjdYOjn6i2p:GkVtzDf0jT2","tlshash":"75256d6a354279d307bba0e1581f644ddce75445e089840477aceae9f8bab0da31fe3c","first_seen":"2026-03-19T06:30:49.97548Z","last_seen":"2026-05-31T15:05:23.786339Z","times_seen":15,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"b365dimg.hbhjhghhhjs.cc/static/B365D/admin/20260123/d608d43eea2e1527707d95f585737d.jpg","fqdn":"b365dimg.hbhjhghhhjs.cc","domain":"hbhjhghhhjs.cc","tld":"cc"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:05.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"b365dimg.hbhjhghhhjs.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:37:06 GMT","end":"Tue, 18 Aug 2026 17:37:05 GMT"},"fingerprint":{"sha1":"BE:D7:ED:42:73:8B:9A:C7:98:19:46:0B:F3:9C:54:C3:EF:CA:56:58","sha256":"47:72:0B:E1:CF:EF:AC:D5:AF:C9:7C:B6:82:20:1F:1F:C3:34:A9:52:FE:73:CF:32:A0:80:77:B8:49:36:08:48"}}},"request":{"raw":"GET /static/B365D/admin/20260123/d608d43eea2e1527707d95f585737d.jpg HTTP/1.1\r\nHost: b365dimg.hbhjhghhhjs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5482\r\nlast-modified: Thu, 22 Jan 2026 19:24:52 GMT\r\netag: \"69727984-156a\"\r\nexpires: Fri, 20 Mar 2026 09:18:48 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS,PUT\r\nby: SuKvVZxOO90IC6Ye, SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ngp-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5482,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced","md5":"1bd608d43eea2e1527707d95f585737d","sha1":"11f09c42f8065d7616e43f7661ce824ff6a8e977","sha256":"a1eaa8b64e727e72cfd53dd73c9bb45dccde1bde300f37a9068af7a14474e541","sha512":"37a381824911ba9c7de1757a8b8b13254e8989e63feb25288f62f61e3c30a2999625cdd19f033e311a4b9b2d12f7b3c902af7049934b5b274604b10d8d44fe04","ssdeep":"96:mSMllcHitlIxv9vk7C1+I4wWHLihk/xG2DY/yTfVfsKpZS9mG9G5JGmxnHc:mSHIIHUCD4wawy1t+","tlshash":"14b19ecc6ed048168ccf181c359bfe46475ad6a062dc2e5cedfe914f56109026e2336e","first_seen":"2026-03-19T06:30:49.978295Z","last_seen":"2026-05-31T15:05:23.790573Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1175,"timings":{"blocked":0,"dns":71,"connect":204,"send":0,"wait":638,"receive":49,"ssl":210},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/api/v4/Index/index/entertainment","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:06.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /api/v4/Index/index/entertainment HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nversion: 2.2\r\nfrom: 1\r\ncolorType: 1\r\nos: v2.2\r\nnet: wifi\r\nAuthorization: undefined\r\nLanguage: zh\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 5786\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\nset-cookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c; expires=Sun, 31-May-2026 23:22:06 GMT; path=/; httponly\r\ncontent-encoding: gzip\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27231,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (24901), with no line terminators","md5":"6e57984d9cd88f080b5494b1e0a8ec37","sha1":"38572a24e2e2eb9d89762da2c86e3f812b480e5c","sha256":"0612a2330c2d78639a873b15c6db1661d12200aa19cb51edb9c3b3675d97c358","sha512":"5b62a89c06d1768a0753d3938b40bf5d28ff15499c39635fbfd047dfe8d64668d95b3ce31d60f771deef15e7bd97e7906c54cf989d7f85ab165c8a23d0dc64f0","ssdeep":"384:aDijk81DRFMajOAulUXulbjKJ8ZHGiyUx:aDijk89RFMajOAulUXul0hib","tlshash":"19c2223a1a2e8c81833111f175cf309db0da5a9b1b5daee6a54c7f190cd5ba867cf213","first_seen":"2026-05-31T11:22:37.531641Z","last_seen":"2026-05-31T11:22:37.531641Z","times_seen":1,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/#/register?shareCode=0HDB","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-31T11:22:03.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:04 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 617\r\nexpires: Sun, 31 May 2026 11:22:03 GMT\r\nlast-modified: Sunday, 31-May-2026 11:22:04 GMT\r\ncache-control: no-cache, no-cache, must-revalidate, proxy-revalidate, max-age=0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":617,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (617), with no line terminators","md5":"b6c0d20ba76294a5ea70388a2c628ef3","sha1":"a969cc6e3e6deffd29b8cb1c53fca466ed12a091","sha256":"ebc1e40c947270dbee11e657cb3b1b71130c009b6dc393f991040baf38cd5813","sha512":"3b7a046c6724abc243bc4ab66ea7b5dfdc7ae623467ac017653d05f596705f4d4239330e4cf6fba45f3b35242639943a5cd1c1b4c76914593f3b8df56a4c60f4","ssdeep":"","tlshash":"83f0ac8b5e16c8be59201cca3a79f128d00fdeb23b21cc408ac459ec8c4879c1e3d487","first_seen":"2026-03-19T06:30:50.033046Z","last_seen":"2026-05-31T15:05:23.797478Z","times_seen":15,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/manifest.21cd61d648887469503b.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:05.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/manifest.21cd61d648887469503b.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-9c0\"\r\nexpires: Tue, 30 Jun 2026 11:22:05 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2496,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2496), with no line terminators","md5":"325067f9b4d17d0287eeedd6fc50f2fa","sha1":"e9014820cf0263f5afe9eaa0650b446eeee103f4","sha256":"a6fd97ef364992d3b31841d303df6b05e8a592ff77ac7017ec5b4641fa12368d","sha512":"78ea3808858dc293594b94568df8b6ccdc62cb4cf812dc17b916365891488ac4decc558849197aaff714fa4000aec723cb656ccbd90d322a4ba9f90a6e718510","ssdeep":"","tlshash":"b551a3a9b6aef5e2a7b714a8573b8166b13c35026d2ccc54d3ccd6c62c29c849124bf5","first_seen":"2026-03-19T06:30:49.997072Z","last_seen":"2026-05-31T15:05:23.794591Z","times_seen":15,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/img/sponsorDefault.646289b.png","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:05.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/img/sponsorDefault.646289b.png HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 38211\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\netag: \"697b01f0-9543\"\r\nexpires: Sat, 20 Jun 2026 13:46:30 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ngp-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38211,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 708 x 456, 8-bit colormap, non-interlaced","md5":"646289ba4f3b4ced2a2ae68f09c8db5b","sha1":"fb805c143286ddae89a5825d2f5c261f23e4985c","sha256":"e9f92cee381ae17f7e11ca1f7467d16038156d53c61eb4563f4f3a67b8362d9d","sha512":"5807fcfb0c76b221721d75843ecc230afe92189fff0e96e40bc0f9c2d9fc0a0134f598cfb981c0640cfe587ca77dcb52f9a978822f919aee17dae9b46a353b10","ssdeep":"768:OpR6y2amAw153sXUmB9WK6lht6S0tqKNSUgc4cQuvD2fK0LA9:Oz6y2l4EOoKC2SCqKN7gcZvaJC","tlshash":"ed03e1b745cc6178eee28e32281fb5d4bd755c091dea98c24489709ae3aed8890e0f65","first_seen":"2025-09-20T12:21:56.387094Z","last_seen":"2026-05-31T15:05:23.807721Z","times_seen":7,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/manifest.21cd61d648887469503b.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:04.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/manifest.21cd61d648887469503b.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-9c0\"\r\nexpires: Tue, 30 Jun 2026 11:22:04 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2496,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2496), with no line terminators","md5":"325067f9b4d17d0287eeedd6fc50f2fa","sha1":"e9014820cf0263f5afe9eaa0650b446eeee103f4","sha256":"a6fd97ef364992d3b31841d303df6b05e8a592ff77ac7017ec5b4641fa12368d","sha512":"78ea3808858dc293594b94568df8b6ccdc62cb4cf812dc17b916365891488ac4decc558849197aaff714fa4000aec723cb656ccbd90d322a4ba9f90a6e718510","ssdeep":"","tlshash":"b551a3a9b6aef5e2a7b714a8573b8166b13c35026d2ccc54d3ccd6c62c29c849124bf5","first_seen":"2026-03-19T06:30:49.997072Z","last_seen":"2026-05-31T15:05:23.794591Z","times_seen":15,"resource_available":true,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/3.4f3a91902e42410c917f.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:05.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/3.4f3a91902e42410c917f.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-c998\"\r\nexpires: Tue, 30 Jun 2026 11:22:05 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51608,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (51461), with no line terminators","md5":"027cc9798628f99307a84a74a6ff0fce","sha1":"7d1cbf47e06a91846c5d7c8eb7d87e4e75db853e","sha256":"e594673f0996de3809629acf7d02379f913f5a3e9e6ec0a336d5d8480698ac8c","sha512":"b1a7c6920c0365a4e3318871a8297b5278eaebf0b5e05a9dc3737735cba394a3d665d8837c24f3451b9f9954fe9f74bea6c1c169ac61c8b9c990a295040f18b3","ssdeep":"768:5WCdVG1Po3Y9QCcMWewEiWEWIj3pZEyaO/E/NZQ:5WGVGK235CE9JQ","tlshash":"4433f52be148f8b44eb65490602b1074b27a3f98750a5450bbbddac5abfcb58132f73d","first_seen":"2025-07-02T08:56:27.678271Z","last_seen":"2026-05-31T15:05:23.808536Z","times_seen":26,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/api/v1/config/config","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:06.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /api/v1/config/config HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nversion: 2.2\r\nfrom: 1\r\ncolorType: 1\r\nos: v2.2\r\nnet: wifi\r\nAuthorization: undefined\r\nLanguage: zh\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 654\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\nset-cookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c; expires=Sun, 31-May-2026 23:22:06 GMT; path=/; httponly\r\ncontent-encoding: gzip\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1600,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"6217adabe1bd56f4c8049c9901386206","sha1":"c321487a5438cb2b6532b5317613e2b623c10d21","sha256":"cef330d8dbd6f287133309bcacc247f4fab093df25802a65d433435e95850258","sha512":"819565ca8da780099bb7cfbd8c3e95861a9c9ea8fd377af43f0a3e899ad07c599939700d6fb099f35893a8aad2009d8e91ef53258db671d6dcf0107386bf8d69","ssdeep":"","tlshash":"5c31459067bb9873a6935482aecf3046425ffb3214889f8bc99cb59801fc41fb72517d","first_seen":"2026-05-31T11:22:37.534779Z","last_seen":"2026-05-31T11:22:37.534779Z","times_seen":1,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/static/js/manifest.21cd61d648887469503b.js","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://268365k.com/#/register?shareCode=0HDB","date":"2026-05-31T11:22:02.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /static/js/manifest.21cd61d648887469503b.js HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 29 Jan 2026 06:45:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697b01f0-9c0\"\r\nexpires: Tue, 30 Jun 2026 11:22:02 GMT\r\ncache-control: max-age=2592000\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2496,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2496), with no line terminators","md5":"325067f9b4d17d0287eeedd6fc50f2fa","sha1":"e9014820cf0263f5afe9eaa0650b446eeee103f4","sha256":"a6fd97ef364992d3b31841d303df6b05e8a592ff77ac7017ec5b4641fa12368d","sha512":"78ea3808858dc293594b94568df8b6ccdc62cb4cf812dc17b916365891488ac4decc558849197aaff714fa4000aec723cb656ccbd90d322a4ba9f90a6e718510","ssdeep":"","tlshash":"b551a3a9b6aef5e2a7b714a8573b8166b13c35026d2ccc54d3ccd6c62c29c849124bf5","first_seen":"2026-03-19T06:30:49.997072Z","last_seen":"2026-05-31T15:05:23.794591Z","times_seen":15,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/api/v1/config/config","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:05.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /api/v1/config/config HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nversion: 2.2\r\nfrom: 1\r\ncolorType: 1\r\nos: v2.2\r\nnet: wifi\r\nAuthorization: undefined\r\nLanguage: zh\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 654\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\nset-cookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c; expires=Sun, 31-May-2026 23:22:06 GMT; path=/; httponly\r\ncontent-encoding: gzip\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1600,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"6217adabe1bd56f4c8049c9901386206","sha1":"c321487a5438cb2b6532b5317613e2b623c10d21","sha256":"cef330d8dbd6f287133309bcacc247f4fab093df25802a65d433435e95850258","sha512":"819565ca8da780099bb7cfbd8c3e95861a9c9ea8fd377af43f0a3e899ad07c599939700d6fb099f35893a8aad2009d8e91ef53258db671d6dcf0107386bf8d69","ssdeep":"","tlshash":"5c31459067bb9873a6935482aecf3046425ffb3214889f8bc99cb59801fc41fb72517d","first_seen":"2026-05-31T11:22:37.534779Z","last_seen":"2026-05-31T11:22:37.534779Z","times_seen":1,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"268365k.com/api/v1/user/newMessage?page=1\u0026pageSize=15","fqdn":"268365k.com","domain":"268365k.com","tld":"com"},"ip":{"addr":"20.247.100.105","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6","date":"2026-05-31T11:22:06.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"268365k.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 17:31:47 GMT","end":"Tue, 18 Aug 2026 17:31:46 GMT"},"fingerprint":{"sha1":"36:D1:D2:12:F3:0B:EC:5D:74:5C:45:58:C8:FB:B6:FC:A5:76:DA:53","sha256":"A2:20:7C:0F:6C:61:78:FC:87:7D:84:C5:38:48:28:78:62:4F:09:2F:72:40:01:67:A6:F7:D1:55:53:02:FE:64"}}},"request":{"raw":"GET /api/v1/user/newMessage?page=1\u0026pageSize=15 HTTP/1.1\r\nHost: 268365k.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nversion: 2.2\r\nfrom: 1\r\ncolorType: 1\r\nos: v2.2\r\nnet: wifi\r\nAuthorization: undefined\r\nLanguage: zh\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://268365k.com/%E4%B8%80%E4%B8%AA%E7%A9%BA%E7%9A%84%E9%9F%B3%E9%A2%91%E6%96%87%E4%BB%B6\r\nCookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 31 May 2026 11:22:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 129\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\nset-cookie: SWOFT_SESSION_ID=tf2q2md7kfea80401bvcbvtt3c; expires=Sun, 31-May-2026 23:22:06 GMT; path=/; httponly\r\ncontent-encoding: gzip\r\nby: SuKvVZxOO90IC6Ye\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":140,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4c91f58bd13718754ce2c2768c28d1c2","sha1":"a1bcb0e962f683e2df0ab7f4facbe5dc47f64476","sha256":"72342314498735431d99e0b46be258f74873bcad476c08b9c6631fc139dc0b9c","sha512":"9434154b9d952ab2962937a024aa043a9f0adef60f24b7ed7b36a255c1b794538172fb3bea4006bc89d0f897fec19ee3c19c113930b55832e953b2e2476e313e","ssdeep":"","tlshash":"5bc09bd478440d95ff856072f04774954dc871ca5bec5b1a41b45508064d91b5515d15","first_seen":"2026-05-31T11:22:37.535733Z","last_seen":"2026-05-31T11:22:37.535733Z","times_seen":1,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-31","alert":"Sinkholed","trigger":"268365k.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-31","alert":"Phishing Block","trigger":"268365k.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}