{"report_id":"1acbcdcb-07ec-4635-a24e-f8f283b3d37c","version":6,"status":"done","tags":[],"date":"2026-03-18T10:50:09Z","url":{"schema":"http","addr":"lzhxsy.com","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":0,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"http","addr":"lzhxsy.com/","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"title":"安币交易所app下载_安币交易所官网_币 安app下载最新版本","dom":{"size":25017,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (317)","md5":"7cce2aab41b9eea167a8aa47c80a5b23","sha1":"fd3911dda4fef8a6297ae7b97db96c1001d689ce","sha256":"880f4662f86634ceec5338928823c239b24cafa995cf9e463a59bf77a0a56721","sha512":"b7ad05afd9874c2a00e61c1c9b2942db6f43e0f5873326039fe794627161e2061620c0c518a4c87fd4a2a513c1fecc0ad31f26daf406abec819feddd10865247","ssdeep":"384:MjM18uuYs/+O2zLQogm4+keNW7BCh2B8hvp:Z8uuyNLQogoNRp","tlshash":"e3b24f2195fe28634183809d57676f0aafc7da33ea1789007a9c2b917fd3d56c90733a","dom_hash":"domhash04d950d97ae1989402b31e7e99e1d697","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"lzhxsy.com","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":0,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-22T10:50:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"lzhxsy.com","ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":160,"request_count":32,"received_data":687675,"sent_data":12182,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-03-16T02:58:13.619816Z","alert_count":0,"request_count":2,"received_data":30879,"sent_data":1268,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"js.users.51.la","ip":{"addr":"43.174.229.1","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":746636,"first_seen":"2012-05-30T15:10:11Z","last_seen":"2026-03-12T03:48:13.842059Z","alert_count":0,"request_count":1,"received_data":5265,"sent_data":407,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"ia.51.la","ip":{"addr":"43.174.227.28","port":80,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":696517,"first_seen":"2017-10-31T08:01:51Z","last_seen":"2026-03-12T03:48:13.828272Z","alert_count":0,"request_count":1,"received_data":180,"sent_data":1778,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"lzhxsy.com/tongji.js","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4333c1fb0ea7da6ff6a58046f3d60ee8","sha1":"d9b49fae5a9260aaac6f98a2bce92f1acda838da","sha256":"682a43c79a6216b11e30fd29c3202a10e2bebfbc7e8e649da7e9d060f5e6cab2","sha512":"b8aef1a0a0f72b9068d21d4aedff9cec8c066085e12ed2d36f6eb6706753f0bfe2b07212ad917ca04adde196c71baba3a00e1d679b642d4f14a366f377672da7","ssdeep":"","tlshash":"4ad0951f6c1d1434139a087d51fef54cf2b1514c503dd10181dcd4104960ed10c3e7cc","size":252,"data":"","first_seen":"2025-11-18T13:28:12.140659Z","last_seen":"2026-06-04T05:36:57.415001Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.users.51.la/8218479.js","fqdn":"js.users.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.174.229.1","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"745040dafa812a6c43d8508a26d09187","sha1":"578965297b091fd34e1f55c12db9abdf7230d0a5","sha256":"abc34484489accf2ed7d0c777994afe382e9b17c5cbda608639f414b2c0ed390","sha512":"0d99e32643412224464547621f63ba78f09a7c74a862219164fcd5c968ec372581233e3801c5933e887ddbb228ffe439d1e9bec0a437d612e1013f0fe2144bfd","ssdeep":"96:nHmPg4EY5Qc1dnqW7aUWp36QXiWgQ95qEIopwm3B5fXOiDgCQgeKrmpj:HmPZEY+cRpeUS36QXiWL5jfpwQXOiDgT","tlshash":"1da1944e74e1b8a207d721b5502f640ff2786a60589cd590ea63e8e13db499f4333fad","size":4897,"data":"","first_seen":"2026-03-18T10:50:14.55541Z","last_seen":"2026-06-02T06:06:16.656515Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-17T16:28:02.29525Z","times_seen":121599,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-17T16:28:02.29525Z","times_seen":121599,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?55024fef0906ed18d6113ce4db5aad56","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"64bf78ffb23c165c27196b692bd7d5d4","sha1":"a866aed20fe45138a49dcee9a9f1a19cb01f1c58","sha256":"dc3d659c1ad59b215f2b4bb3fc41103599e10c4268bd408ee9c85bd396643024","sha512":"5bf8e250075bcbd0fc131417d79283acc3c3d396d9283447cb29d90af642b0f837013f25e911053f891820ee86662e70600a8b321151b606b54fba298ecdf6bb","ssdeep":"384:wTJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:wT4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"f7d2d9a9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","size":29897,"data":"","first_seen":"2026-03-18T10:50:14.546248Z","last_seen":"2026-03-18T10:50:14.546248Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f0b4bacf4ac98d49066fc92b4213190c","sha1":"e62a3a79e14d8ae9005a43633414949c5e6888c2","sha256":"c354563db141b9807b9c93e7d3b21c4a2d40533d717f7cbe8221eeb1bc39b816","sha512":"587d622c6c453d9ccb9f06c44776d0b97195665a31b219430a5b430b1b1b1210d50dc6566f7635b3273cc07d1ec461defd95b2de82ead4a6d05fd8f94fa5c487","ssdeep":"","tlshash":"5bf055de5346c48839c32e7ac466a80db28c0f0628accca8dc8479060ad28b305d03df","size":471,"data":"","first_seen":"2026-03-18T10:50:14.562915Z","last_seen":"2026-03-18T10:50:14.562915Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/ic-hide.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.208Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/ic-hide.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 727\r\nLast-Modified: Thu, 17 Apr 2025 03:36:44 GMT\r\nConnection: keep-alive\r\nETag: \"6800774c-2d7\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":727,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c5bf706459ac02bb53151b97bde4847a","sha1":"dd76452615cfc2852dd2e22311dcd55ae5428ca0","sha256":"e69d9b514b3022a08dbd7ad1185f6239ef6b07df5d470abf749c693fa65b0b2f","sha512":"161f8bbf46f9005a4aa2f6eeb346dd87b3f038e928631ba0c5bbf1b8babe3835f03534575ebb87b2d5f9f5aa461dcc1b8610b4fb11bd00fdf7d8ea7a93492eeb","ssdeep":"","tlshash":"490110e60af0699cc0da4f2d77ba40027e5ba8f121324ca8d7bd1d9146e180dee91cde","first_seen":"2024-08-19T20:50:36.163442Z","last_seen":"2026-06-13T22:05:17.65584Z","times_seen":580,"resource_available":false,"data":null}},"time_used":1034,"timings":{"blocked":400,"dns":1,"connect":207,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/iconmonstr-idea-14.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.216Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/iconmonstr-idea-14.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Thu, 17 Apr 2025 03:36:40 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007748-5ab\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1451,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"aa596305d1cba349f0157d941d9fc7d0","sha1":"2248894a2002a27b725c251ffa110da57dcefd70","sha256":"8e697d63b76829185c6be2b84df34823aea3446216811459ed0b4bc2041f0019","sha512":"d2d4b28821dbf8a437e3331ca8c5c0d1740f5dcfcbb64a11d0d2dc4a9ab0e15f4b9b8bc060528284d75287ad78bfaf14f2484a2f0ceeabddfc43ea8da1337806","ssdeep":"","tlshash":"f93148f85338544c2c579a246f5bec24b7ccabdf28d8cde4d19edc6248c6870e007521","first_seen":"2024-08-19T20:50:36.168072Z","last_seen":"2026-06-13T22:05:17.642216Z","times_seen":579,"resource_available":false,"data":null}},"time_used":843,"timings":{"blocked":614,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/app-store-badge2.png","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.217Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/app-store-badge2.png HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/png\r\nLast-Modified: Thu, 17 Apr 2025 03:36:40 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007748-1e9a\"\r\nExpires: Fri, 17 Apr 2026 10:49:50 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7834,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 240 x 80, 8-bit/color RGBA, non-interlaced","md5":"f593f0b2de05ad076743e3b51ed6c015","sha1":"2e8912f58289a8906e27ff6376c996a69d0b76f4","sha256":"cc4d0a85bcb684c04051f64782dc2dbef34e8fb913f425828581f670343fe201","sha512":"76524aac12ef6471a22e3d5c42d14a8cec50076e75d462aad0ab9335e65a0a1eef944c331090749887740e76bb421e1c60e417742f5610c25e5fa19ed5efb223","ssdeep":"192:GRXhQmNXT+7ZZ32MxT9qaHMVcHdDO/10HS2NHO:GUm9TqZRBx5qLVc9DO2yYO","tlshash":"b1f19d8a76eafd9af954e1ed0f0afe4859fdcc403d6481224b029cd2aeb50a1111e5e2","first_seen":"2023-09-19T00:36:34Z","last_seen":"2026-05-30T02:31:36.712651Z","times_seen":74,"resource_available":false,"data":null}},"time_used":1301,"timings":{"blocked":998,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/html/888/lawyerwls.css","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.200Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /html/888/lawyerwls.css HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 17 Apr 2025 03:36:56 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007758-4fd24\"\r\nExpires: Wed, 18 Mar 2026 22:49:49 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":326948,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (327), with CRLF line terminators","md5":"c10bf282da4d57bec7a4d8e2771e4108","sha1":"3c383dc48a9de47cee88631e22a4fcf2d3fee899","sha256":"4e0b90082bcf2547d4a201b0a66e8dff5a5ff5c7cccb3f6ba7cb0bca540691c3","sha512":"409b84e7625750521a374911344331e9c4cd5796a0e3b3896b2e21793e269a7e1120219f5fca2874cb7cd59c6b55e519c6f71ec76d6a5cc1dcfd74c4fd0ef99b","ssdeep":"1536:ZbVv1AzBHWE+0xbkHUjHcERC8Sh3DUSbzLux5u/LRAwlHlYd1f:ZbVv12L","tlshash":"be64bd668a8a30249636966c6e775e1ce7474c33d20387a53e9c7108bff419275b2fbc","first_seen":"2026-03-18T10:50:14.539995Z","last_seen":"2026-03-18T12:33:44.977391Z","times_seen":2,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/logo.png","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.202Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/logo.png HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/png\r\nLast-Modified: Thu, 17 Apr 2025 03:36:36 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007744-89a\"\r\nExpires: Fri, 17 Apr 2026 10:49:50 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2202,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 34, 8-bit colormap, non-interlaced","md5":"03ffe548749763342fc417169fa2fca9","sha1":"4aaf0e91d17c6414cb4d28a12e79a63eb8307ddf","sha256":"a72b43b47f9c9d7bb21c8d6e3f75f7907fd5c45bd35dfbdde3f4259a1c50ebac","sha512":"d75a6335b8ed2dc28c3710a0e491e447d416fba4d5314fe57ec8cbe77921044e2950b40e3aae40e8dac7fdb2c06c84ed64c92350082e3ef0e6a6b097e9c6332a","ssdeep":"","tlshash":"4e418346f508e98f12824c0c2aed403cd8c23ab4cb833753b58d137ea791519336ea7e","first_seen":"2024-08-19T20:50:36.169661Z","last_seen":"2026-04-13T00:30:00.483577Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1013,"timings":{"blocked":710,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/iconmonstr-cursor-9.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.212Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/iconmonstr-cursor-9.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 677\r\nLast-Modified: Thu, 17 Apr 2025 03:36:42 GMT\r\nConnection: keep-alive\r\nETag: \"6800774a-2a5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":677,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"33663d6df182780e4148c9b40725dadd","sha1":"ccef41932490aabe1a20f52fc498281fd739d045","sha256":"69e9a4e435de9a5ead447e14b6991657bf6b8b8dbb38247b99f9d48cf4171ba3","sha512":"5ba301baf08a44a9f249277077dd55a3c3e1c9752cd523362acba3d99ef0f6af2743543c7c33c8ea4305795249c8fbda1c3d80538b6fed77826522c544e14d06","ssdeep":"","tlshash":"e90144e88bb4b2281bc7cfd08a3574d4e1aeb8d42115a484e220cd3584dbcc18700848","first_seen":"2024-08-19T20:50:36.165486Z","last_seen":"2026-06-13T22:05:17.662611Z","times_seen":579,"resource_available":false,"data":null}},"time_used":830,"timings":{"blocked":605,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/ic-network.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.209Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/ic-network.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Thu, 17 Apr 2025 03:36:42 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6800774a-584\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1412,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5c6dd9d6feca0136591eca09389fbd90","sha1":"636b11729acf7568058028cf517f08d931d121c4","sha256":"a3734a0b0d0614caec4ce27f052027024136c9449a6ef5ee8fbbb1b7b3f244f0","sha512":"45056af33f238bf41a60c0474c413e79235c1ac81bcecfc3461f7e1cd42e008b1cd92aa1a283c9681b0cd32af9fba0d11a73c5a6d2e615b603b8818ad134382a","ssdeep":"","tlshash":"3b2112e9abbd59acb8831e25bbd1b875530f54b13150c6d0842f4da0d592d99e7c3c02","first_seen":"2024-08-19T20:50:36.166191Z","last_seen":"2026-06-13T22:05:17.661021Z","times_seen":580,"resource_available":false,"data":null}},"time_used":1037,"timings":{"blocked":399,"dns":0,"connect":208,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/mac-o-sbadge2x.png","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.218Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/mac-o-sbadge2x.png HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/png\r\nLast-Modified: Thu, 17 Apr 2025 03:36:40 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007748-18c7\"\r\nExpires: Fri, 17 Apr 2026 10:49:50 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6343,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 234 x 72, 8-bit/color RGBA, non-interlaced","md5":"8b9a8d438efaa5014d6267352f418088","sha1":"91aa61ef5c1efb8467ab731e928966ace99b31f9","sha256":"60ec09dc329fd2f7a0e040c3e1792f9ac9e36328bf0b19690a2cfd6f9c458356","sha512":"bb60ca539cc8a52fdc2b6a86558edd813858e361ca72c732358d35c31d78d14bf8423e40859cedc17224802e20f9147ed6cc35a1410939d628519a79f147bb23","ssdeep":"192:WhPxWPR4BoVyMosIT4MECT1A7kKIol9f8EyYHEZ:I4Pco3vm1lNrEyWY","tlshash":"0ed17ec1eb91a728d758854230c6158d75fe3f696097cb984263d13cdb40962cdf736e","first_seen":"2024-08-19T20:50:36.177013Z","last_seen":"2026-05-30T02:31:36.71737Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1245,"timings":{"blocked":1036,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/iconmonstr-facebook-1-1.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.223Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/iconmonstr-facebook-1-1.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 239\r\nLast-Modified: Thu, 17 Apr 2025 03:36:38 GMT\r\nConnection: keep-alive\r\nETag: \"68007746-ef\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":239,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"76e79937cd2eaaf1fc8410dfa38346b3","sha1":"1f0a4ed867ba758aa31eba9d7366d9aafbacd71d","sha256":"053afab6ced5d362cab374fb662c758370b49d47e17e6998386f0c7790484cbe","sha512":"cc5b49bfebb850d89d4e4e2f267d18b312bfb851649217b2cb45bfd64875f9a3b134679c54de05a81b64784324857a063adec992ace05afc72678b3a5dff26e7","ssdeep":"","tlshash":"d5d097608aa56a0c0cc24032682cc6dc02272084138c04d8a1002d3069894f3381308c","first_seen":"2024-08-19T20:50:36.183453Z","last_seen":"2026-05-30T02:31:36.734799Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1637,"timings":{"blocked":1429,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/iconmonstr-instagram-11-1.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.225Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/iconmonstr-instagram-11-1.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Thu, 17 Apr 2025 03:36:38 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007746-405\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1029,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4a538031889f03eec36a74dbce6f8e1b","sha1":"f3d6dcdbce45e9fa29789ac56632be4724e8d429","sha256":"a49791faed117e4d6265b710864bb8f06f5393ab2b638f1d64deb9913dc0c4bf","sha512":"7bbf49ab295d98ab17f31a90a8995cd0a87976a60b158e5d45e0e8689a9b31231d15bfa559a04555722f10323e417fb992281b3420ac9a618129a9b1298e9883","ssdeep":"","tlshash":"2a11c0cd43a5e6ccaca7843adf2f6567070ef03a67c5c4a1c48d8e3864495d2a34e418","first_seen":"2024-08-19T20:50:36.184113Z","last_seen":"2026-05-30T02:31:36.767826Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1655,"timings":{"blocked":1446,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=5BE83AD46965EBA7\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1982786305\u0026si=55024fef0906ed18d6113ce4db5aad56\u0026v=1.3.2\u0026lv=1\u0026sn=60682\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Flzhxsy.com%2F\u0026tt=%E5%AE%89%E5%B8%81%E4%BA%A4%E6%98%93%E6%89%80app%E4%B8%8B%E8%BD%BD_%E5%AE%89%E5%B8%81%E4%BA%A4%E6%98%93%E6%89%80%E5%AE%98%E7%BD%91_%E5%B8%81%20%E5%AE%89app%E4%B8%8B%E8%BD%BD%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:52.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=5BE83AD46965EBA7\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1982786305\u0026si=55024fef0906ed18d6113ce4db5aad56\u0026v=1.3.2\u0026lv=1\u0026sn=60682\u0026r=0\u0026ww=1280\u0026u=http%3A%2F%2Flzhxsy.com%2F\u0026tt=%E5%AE%89%E5%B8%81%E4%BA%A4%E6%98%93%E6%89%80app%E4%B8%8B%E8%BD%BD_%E5%AE%89%E5%B8%81%E4%BA%A4%E6%98%93%E6%89%80%E5%AE%98%E7%BD%91_%E5%B8%81%20%E5%AE%89app%E4%B8%8B%E8%BD%BD%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 18 Mar 2026 10:49:52 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=ADC5141FDB2CACAD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-17T17:15:59.079347Z","times_seen":368244,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":331,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/iconmonstr-user-7.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.203Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/iconmonstr-user-7.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 498\r\nLast-Modified: Thu, 17 Apr 2025 03:36:36 GMT\r\nConnection: keep-alive\r\nETag: \"68007744-1f2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":498,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"dd545a19dde2e1f0484a4532c0f1deff","sha1":"623b024ff20985a31f0153725510acc3f51d96d3","sha256":"628992d7eb3a725ba972006f702b2984a2467709ea95bccb8a7fd79075d1e1da","sha512":"0bfaed149fe1b8a1e7ce66ee648b680316a554d90a03b80fc41bc074d4a9f48e972d7e850bc68400da82f13059c7b2ff23b3095c3038f70bf66a1e26bd150863","ssdeep":"","tlshash":"42f09ef84f98647c2dd3cc6c7b396c76e61c28f416954485b68de0206557a99d406a40","first_seen":"2024-08-19T20:50:36.170267Z","last_seen":"2026-05-30T02:31:36.711922Z","times_seen":65,"resource_available":false,"data":null}},"time_used":1048,"timings":{"blocked":839,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?55024fef0906ed18d6113ce4db5aad56","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:50.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?55024fef0906ed18d6113ce4db5aad56 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11291\r\nContent-Type: application/javascript\r\nDate: Wed, 18 Mar 2026 10:49:52 GMT\r\nEtag: 8ef302da8a805c443d46b44c5f5f6b08\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=5BE83AD46965EBA7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29897,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (621)","md5":"64bf78ffb23c165c27196b692bd7d5d4","sha1":"a866aed20fe45138a49dcee9a9f1a19cb01f1c58","sha256":"dc3d659c1ad59b215f2b4bb3fc41103599e10c4268bd408ee9c85bd396643024","sha512":"5bf8e250075bcbd0fc131417d79283acc3c3d396d9283447cb29d90af642b0f837013f25e911053f891820ee86662e70600a8b321151b606b54fba298ecdf6bb","ssdeep":"384:wTJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:wT4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"f7d2d9a9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-03-18T10:50:14.546248Z","last_seen":"2026-03-18T10:50:14.546248Z","times_seen":1,"resource_available":true,"data":null}},"time_used":3161,"timings":{"blocked":1049,"dns":1,"connect":513,"send":0,"wait":1063,"receive":1,"ssl":532},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzhxsy.com/","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-18T10:49:47.429Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T17:31:21.532601Z","times_seen":16489423,"resource_available":true,"data":null}},"time_used":905,"timings":{"blocked":905,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/shield.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.221Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/shield.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Thu, 17 Apr 2025 03:36:38 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007746-996\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2454,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7dfab7c91a4c792465bf8fd23accc9f4","sha1":"b9bc80b8f678afba0f530af995a2290f647fab18","sha256":"8645c274999f8e4db9a5501f2f9139e71a45ddd531e48a692cdbf25d2c9db6fd","sha512":"a3044d82884d8f2b38ad84ca8c44bcda117888fae971cba3e5d13268b6744387ad13ee53d7d678bd10a88fdde9f924cd3a224d3643d27141f4535b35fcef5984","ssdeep":"","tlshash":"555123d0a9fe4106d924a385e799c095af1502ff52e10792f01c1fec1f265cb8f879e8","first_seen":"2024-08-19T20:50:36.180355Z","last_seen":"2026-05-30T02:31:36.754778Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1450,"timings":{"blocked":1241,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/iconmonstr-youtube-6.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.226Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/iconmonstr-youtube-6.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 354\r\nLast-Modified: Thu, 17 Apr 2025 03:36:36 GMT\r\nConnection: keep-alive\r\nETag: \"68007744-162\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":354,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f15002c79ea768bf28f21e5df9ea1825","sha1":"4e0d33e984d32a11b98ba9a203e9fa3d5af434d6","sha256":"b861a14519e99eef1c40fd466a020b7ebc3646fc9e9693d14edf61a2f1b98391","sha512":"22ffa110542b0b886fc5a16df9e5dcd03084c0f50fd2a387e78072cc14155c3dd30a98bc578cb76b30ac45e8a471e3a1e3116c4e090995c6c09c86fa457096b1","ssdeep":"","tlshash":"19e020e587b4460465175e2d97bf74e909dbb156129d028ca104fd04ba484a3b49ae98","first_seen":"2024-08-19T20:50:36.185481Z","last_seen":"2026-05-30T02:31:36.764749Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1657,"timings":{"blocked":1448,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/html/888/group.18c6d4fd.png","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.642Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /html/888/group.18c6d4fd.png HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/html/888/lawyerwls.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: image/png\r\nLast-Modified: Thu, 17 Apr 2025 03:36:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007754-b416\"\r\nExpires: Fri, 17 Apr 2026 10:49:49 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46102,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 380 x 765, 8-bit colormap, non-interlaced","md5":"29ae3adc107ebc416d25b5c86cc08192","sha1":"05b916874a7dfd38301f9c95cc7b987cd65cc8d2","sha256":"2bdc2e7904ca36a4d696b997c694bab48c7475c15377aa666292a699e226f40b","sha512":"466f030b295888e3a4bd52c15ba59ed16e0e26c77e2d05c2a70ae0949e7a68ad55818f4221310990d2a3016f5e385c4f7cf05fe27a0e1c284c62a5f0169ff5c1","ssdeep":"768:Ya57bd1p6hFja9veMMvJjHTzTfJRe29KTqHWjULKxWDcwOGtxE11+NKcyX6qZfi:YcbkQZuxj3TfLF422Yu2cGPi4NKcmM","tlshash":"ee23012de80af9cecc5b9e416e8d10e5b2fca85e82763f66c600e81553d6bf37493185","first_seen":"2024-08-19T20:50:36.178329Z","last_seen":"2026-04-13T00:30:00.504415Z","times_seen":38,"resource_available":false,"data":null}},"time_used":814,"timings":{"blocked":175,"dns":0,"connect":0,"send":0,"wait":223,"receive":416,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/favicon.ico","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:51.325Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nCookie: __tins__8218479=%7B%22sid%22%3A%201773830990235%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201773832790235%7D; __51cke__=; __51laig__=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:51 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 4286\r\nLast-Modified: Mon, 14 Apr 2025 09:39:34 GMT\r\nConnection: keep-alive\r\nETag: \"67fcd7d6-10be\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"b9b27235c62b268ee1487027b67b2f92","sha1":"425c38fd62c4ad644ef5564668802f2940ee502c","sha256":"8c670708b5b6ea954a5f5dd34dfa7553fc6c13826a122af8ee53e6cd8f5599fc","sha512":"68380a41a952a3edc6207a018867a1586950d7b3b01831565813df88b84b3d24634aa6943781d4c81d95687766dc04d313594ed22cae6536ae7f73c21e9a87d2","ssdeep":"48:+iqWM1EfC28K3H84oHCuLo8BZv1EnbJlE:YEf98K3H84oHtk8BZdE0","tlshash":"0b91c2595c9fe70ae5991af47073bee7e15c5f528bd83e902ad6090f828d523e0062f2","first_seen":"2025-11-18T13:28:12.1418Z","last_seen":"2026-03-18T12:33:45.005578Z","times_seen":5,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/iconmonstr-connection-2.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.211Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/iconmonstr-connection-2.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 280\r\nLast-Modified: Thu, 17 Apr 2025 03:36:42 GMT\r\nConnection: keep-alive\r\nETag: \"6800774a-118\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":280,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a185db729512b49877ca1624aba127f3","sha1":"8db076d3778ddd38e64e34fec2ebacd60f7a2a42","sha256":"0a2cc3858da840ab97c2fc95b6723f0ab65575bc611c1194a8bea8eef2f5f74f","sha512":"6cc0650229f7f1042ac50fe23b83f9fdd88838daa67057d273f227e56a09034a43a0f4150032acbb3fe00420366b3145ab260b20f34b51e1fc51f7a0c28864af","ssdeep":"","tlshash":"f2d0ebdce118ef0cea6bcf30b338c0863201e09185c00a70f3b01a30390884a2844cec","first_seen":"2024-08-19T20:50:36.167419Z","last_seen":"2026-06-13T22:05:17.591725Z","times_seen":579,"resource_available":false,"data":null}},"time_used":1046,"timings":{"blocked":397,"dns":1,"connect":220,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/google-play-badge2.png","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.217Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/google-play-badge2.png HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/png\r\nLast-Modified: Thu, 17 Apr 2025 03:36:40 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007748-21ec\"\r\nExpires: Fri, 17 Apr 2026 10:49:50 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8684,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 80, 8-bit/color RGBA, non-interlaced","md5":"6ae7c87c6d5062640444685617641c17","sha1":"c178c3bd0b2e44637163524ab85fcda4fd19ee52","sha256":"b05a3ce6adbf5526c996dcbb4670d788281bfeb73f7f3a8b3e5214648bcfa615","sha512":"1a6491a3e401b8cd1aa80e6c96a99b494452a70622298afeffe993d10e67a0c00c51639a996832628b54847aba4b5286c36af099cf9ffc95e014fc8301258545","ssdeep":"192:1S6NfH51RXEvtR9TH08diplF5jm615w2T4YydvrnEpdE1u:7N7RXatrrBsl/b1h0Yo8N","tlshash":"a0029edc9bac880776e865c100a7e9566d86cd8c65c89ef530d30c660941bff80592cf","first_seen":"2024-08-19T20:50:36.173513Z","last_seen":"2026-05-30T02:31:36.739225Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1244,"timings":{"blocked":1034,"dns":0,"connect":0,"send":0,"wait":209,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/windowsbadge2x.png","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.219Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/windowsbadge2x.png HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/png\r\nLast-Modified: Thu, 17 Apr 2025 03:36:40 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007748-1ba2\"\r\nExpires: Fri, 17 Apr 2026 10:49:50 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7074,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 234 x 72, 8-bit/color RGBA, non-interlaced","md5":"3497e0704ddd71c33e6f8f8ba896276c","sha1":"54bf33983e28cc9a09124f5c8660d2f35fc56937","sha256":"41c9e0078a0bfe54c4fb7fe60698ea6520051ded772d29224b43108f57e7718a","sha512":"cfbfaa28e5ade910592b1979ad6d660d76591fe35d0b0b672f3ca12d9da9a3ea49756b45880df970b70ec7159d0adae20e483cdbf983eb52835f305c7a832ec4","ssdeep":"192:eL5OlKz+xdgn9H7QwFfyfCMEvfFK53zIWo:JlKzJ9kmfyqm3M/","tlshash":"1ae19f5275cbf0dc692583508cdc7ff751a5b4522e930f84d1e7d27f88165887ac4688","first_seen":"2024-08-19T20:50:36.179031Z","last_seen":"2026-05-30T02:31:36.754276Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1287,"timings":{"blocked":1062,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/ic-time.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.206Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/ic-time.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 806\r\nLast-Modified: Thu, 17 Apr 2025 03:36:44 GMT\r\nConnection: keep-alive\r\nETag: \"6800774c-326\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":806,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fa92e16d419eadbdec452433d014bae5","sha1":"fad21cff82f4e93a106aa84a72eb685b904042bd","sha256":"1bc114b05919dc924d8abd3a7b4d974e85e1f4a3fc311f14ef98cbb60598b062","sha512":"1ee0e042557ae3a72fb5f750bea8dc180ca10d5e16d1aa3b9112f01a04816f54f63d1a6b3e4ab6f25bcfe276281d1c554e6c0a0ff06428c295432397b155ef58","ssdeep":"","tlshash":"d90141a183b02edaa48e8f7976747d907a46ccd9af994874c33e89305041ddedab3047","first_seen":"2024-08-19T20:50:36.171525Z","last_seen":"2026-06-13T22:05:17.638338Z","times_seen":580,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":402,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/group.png","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.213Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/group.png HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: image/png\r\nLast-Modified: Thu, 17 Apr 2025 03:36:42 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6800774a-c0ea\"\r\nExpires: Fri, 17 Apr 2026 10:49:49 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49386,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 380 x 765, 8-bit colormap, non-interlaced","md5":"f5f8933eb6451a34459218683243d756","sha1":"4f974c44135332c7f2572da21c9e272fd4e9c209","sha256":"88489a85ec06571b360a4fc78563ced601193e571dee7de3ae395d3d69b3fbae","sha512":"9dc075527d6ee5596b2cead330c16830a4e72c72bd6b712ceb212318ee19d9545e6619abac0a40fd43aae3929745155bda9e386a024656fbf037edc6d409fa8a","ssdeep":"768:zlus9+bxIw5ETok49mFnJ8lt5yWFuK0WaqvvxilOoBWO1q9OWBzsfMO4wHa:zlu5bxIw5k2tBiOxi8oBWDQWzsH4w6","tlshash":"3b23f21546e022f7d80588c5b8bb339c1cd8056fb74a61869ba7e57a06e63b494fc2cf","first_seen":"2024-08-19T20:50:36.162784Z","last_seen":"2026-04-13T00:30:00.486572Z","times_seen":45,"resource_available":false,"data":null}},"time_used":1042,"timings":{"blocked":605,"dns":0,"connect":0,"send":0,"wait":227,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/iconmonstr-control-panel-21.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.215Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/iconmonstr-control-panel-21.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 490\r\nLast-Modified: Thu, 17 Apr 2025 03:36:40 GMT\r\nConnection: keep-alive\r\nETag: \"68007748-1ea\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":490,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a63f3e0439ae36dd919281adbc6e67de","sha1":"c389665c83002c538a0e80d93730c358c470de82","sha256":"731a73babd3a653ed2bbb926c9d6a0b7e770dd782d33fe33a97084fb12ae5d07","sha512":"dcbf0381deafee2ea0f4af6fd7daca65ea712ab0af86a9125da8e5f103d7af2437697bf9a994b87efebe6bd5fcc185a8d72edf9180f90ac1ac708d9064540be1","ssdeep":"","tlshash":"a0f0e9f8d5940fece8474b20b2a42556625e995c3398cc5492780df450653dae760cdb","first_seen":"2024-08-19T20:50:36.172166Z","last_seen":"2026-06-13T22:05:17.619399Z","times_seen":579,"resource_available":false,"data":null}},"time_used":602,"timings":{"blocked":393,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/iconmonstr-twitter-1-1.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.224Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/iconmonstr-twitter-1-1.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 593\r\nLast-Modified: Thu, 17 Apr 2025 03:36:38 GMT\r\nConnection: keep-alive\r\nETag: \"68007746-251\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":593,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ceddaf8b9eee3fd765fde8d881f6bb30","sha1":"eb474a41278442e24496c299a8ec5c6ce6a96cc0","sha256":"9173e9e1073dc20ba997e89030400e0840e8c409ae23b2efd2557ec798c63680","sha512":"fba8a6eb676e6f29a6efff77cd6b91fb7ba6c253fab4484f0a9db3bb446ceec983f4773cfacac5e5d4899b1b448fa0411091acd08441600bc477971eefbee5b3","ssdeep":"","tlshash":"a8f0acf997fc6a7c29a7dfa81f2860a4270e30f6334087d2940c5f204b020e9c55be4c","first_seen":"2024-08-19T20:50:36.184719Z","last_seen":"2026-05-30T02:31:36.735999Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1650,"timings":{"blocked":1441,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"js.users.51.la/8218479.js","fqdn":"js.users.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.174.229.1","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.users.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 25 Mar 2025 01:23:19 GMT","end":"Sun, 26 Apr 2026 01:23:18 GMT"},"fingerprint":{"sha1":"F7:D4:70:77:2E:9F:2D:06:FB:AE:8D:0A:D1:3B:90:C6:9B:F7:CF:2D","sha256":"E7:E6:B9:38:0C:D2:69:98:96:FE:5A:E8:2D:93:9F:DF:C7:D1:F6:2F:EB:16:4D:63:F4:28:F7:88:A1:49:38:CF"}}},"request":{"raw":"GET /8218479.js HTTP/1.1\r\nHost: js.users.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncontent-encoding: gzip\r\ncache-control: no-store\r\ndate: Wed, 18 Mar 2026 10:49:49 GMT\r\neo-log-uuid: 9059778311941519659\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":4897,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4897), with no line terminators","md5":"745040dafa812a6c43d8508a26d09187","sha1":"578965297b091fd34e1f55c12db9abdf7230d0a5","sha256":"abc34484489accf2ed7d0c777994afe382e9b17c5cbda608639f414b2c0ed390","sha512":"0d99e32643412224464547621f63ba78f09a7c74a862219164fcd5c968ec372581233e3801c5933e887ddbb228ffe439d1e9bec0a437d612e1013f0fe2144bfd","ssdeep":"96:nHmPg4EY5Qc1dnqW7aUWp36QXiWgQ95qEIopwm3B5fXOiDgCQgeKrmpj:HmPZEY+cRpeUS36QXiWL5jfpwQXOiDgT","tlshash":"1da1944e74e1b8a207d721b5502f640ff2786a60589cd590ea63e8e13db499f4333fad","first_seen":"2026-03-18T10:50:14.55541Z","last_seen":"2026-06-02T06:06:16.656515Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1414,"timings":{"blocked":528,"dns":103,"connect":19,"send":0,"wait":330,"receive":0,"ssl":431},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/html/888/vector-smart-object-world.385522f7.png","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.641Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /html/888/vector-smart-object-world.385522f7.png HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/html/888/lawyerwls.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: image/png\r\nLast-Modified: Thu, 17 Apr 2025 03:36:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007754-1bc25\"\r\nExpires: Fri, 17 Apr 2026 10:49:49 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":113701,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1133 x 660, 8-bit colormap, non-interlaced","md5":"385522f7300c9aa82b79cbd057f8b8a0","sha1":"d941ffb37b3e8210c4ef9cb7d75512b4288c57e5","sha256":"da68dbc7ca562c0c4505f965e71f16d74a35aba020294d85e25f3139780bd30e","sha512":"d133e1f7cffe66aac4d094648587045dce9d90802b0b6aa4595032a1cd51e536f26973fdf63422f0e7c304e631551738792f52d40ecfc2b946f6b47e8e4aae56","ssdeep":"3072:SLXNL1jtrk1p9u7ngiDUHPGWKlTpljqB9vDCiNnonLNH4hrGLVR/:QJ1tkn9ahDUHPGXlzGvDvonZYNGLz","tlshash":"ffb312b45eda8f3a624990d293ec5a94c16b3c588d0cd7fc1663123962c18cd7737a1f","first_seen":"2024-08-19T20:50:36.168925Z","last_seen":"2026-05-30T02:31:36.717948Z","times_seen":452,"resource_available":false,"data":null}},"time_used":1011,"timings":{"blocked":175,"dns":0,"connect":0,"send":0,"wait":211,"receive":625,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/iconmonstr-arrow-right-thin-1.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.205Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/iconmonstr-arrow-right-thin-1.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 231\r\nLast-Modified: Thu, 17 Apr 2025 03:36:44 GMT\r\nConnection: keep-alive\r\nETag: \"6800774c-e7\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":231,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"656735ab83f586d888622d35ab28fae9","sha1":"16930a7d51143b7fa6df40b0ce0d0c1c63d50167","sha256":"2518b3e2251086046c725d845c35c8618b6590ce4b072c1258a514217eb6b158","sha512":"169a0f4f9c719b3022eb642ed37921137d3f9a4d50cab9e43f031da0eb645fdf7615effd52c9777817a71787d506f382e4f4ba166ea5f3f725a0edbc9c4cb394","ssdeep":"","tlshash":"c9d097ed23d89a2084180b32af6c23801286b08e0048208cf1910465d8482d2aa3a8f8","first_seen":"2024-08-19T20:50:36.170879Z","last_seen":"2026-06-13T22:05:17.601027Z","times_seen":580,"resource_available":false,"data":null}},"time_used":1076,"timings":{"blocked":855,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/ic-lock.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.210Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/ic-lock.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 460\r\nLast-Modified: Thu, 17 Apr 2025 03:36:42 GMT\r\nConnection: keep-alive\r\nETag: \"6800774a-1cc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":460,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6e303a823bcc6379eedf1cafac537d07","sha1":"67cbfb75da1caeb9dae60583a40fe8e263eb6763","sha256":"a73001be2e566744cc71c22698e2ca995bcc24e525df5c45d952ee384d4fc76e","sha512":"40cb93c8fb35bfea4b657433f4e1b5f1d42499e28eaf2ffce9435c058e1f4a25c28ef57b72b12b61477799462b61e578cbd51d45a89cafbed5caa2fc1939fe7b","ssdeep":"","tlshash":"d4f05cddd7769a1cb4d50ba0a76d6c60390da4e50e44cd2493954ed125c436719408c4","first_seen":"2024-08-19T20:50:36.164863Z","last_seen":"2026-06-13T22:05:17.65697Z","times_seen":580,"resource_available":false,"data":null}},"time_used":1128,"timings":{"blocked":398,"dns":0,"connect":302,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/devices.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.220Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/devices.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Thu, 17 Apr 2025 03:36:40 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007748-615d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24925,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bf2d967d51e3feea89766940bf0edecd","sha1":"c025677362879423159bc258b2931ad78a1c30bb","sha256":"7b4b73d0880c77cfd4a68a113e0623fc512d20f3ecb65a771cce7edb1746304c","sha512":"bb18e16b61e9c39c934803676522be91e199eb7fb8dd32ffd672f9bcae8553a4f23f36f2ea0749de807fffc5a240d518cba821d727c50d710933edb7074fdb2f","ssdeep":"768:V5+ezyqcKQXasQEGf9+HD8J1LQyW0SP3XUkwRTon16JQiU52dQd+:OePhQXasQEGf9+HD8J1LQyW0SP3XUkQT","tlshash":"bbb243cb11b4d26054c9c79e9f7aacc13416a0bf2d3656caf3dd4a495b8b986f206f80","first_seen":"2024-08-19T20:50:36.179715Z","last_seen":"2026-05-30T02:31:36.732783Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1445,"timings":{"blocked":1236,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/yellow-pixels.svg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.221Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/yellow-pixels.svg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 603\r\nLast-Modified: Thu, 17 Apr 2025 03:36:38 GMT\r\nConnection: keep-alive\r\nETag: \"68007746-25b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":603,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c320fc2579f9bf23ae35a1e018ef9798","sha1":"4e2337d56d0d96fcebc0c7cd21233468d77a5e13","sha256":"3b1f229b350e7843f296e9812e7866f74012af5af095edfc9d6283bada1024ce","sha512":"eafd3cd59c55d2942bfe183ced5bcbeb9d014621dbd86ab80cf95c01ee5fe40b3a7ef73fcc87d6b9fbcc6d011a7d5476e2820df21c799595cb8855aa8b97f09a","ssdeep":"","tlshash":"89f0f67b0f7d813c44ce5b2ebfd0a5bf12e540667f704516b0023a9ca659d87580a9b6","first_seen":"2024-08-19T20:50:36.181036Z","last_seen":"2026-05-30T02:31:36.751646Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1452,"timings":{"blocked":1243,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/vector-smart-object-world.jpg","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.223Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/vector-smart-object-world.jpg HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Thu, 17 Apr 2025 03:36:38 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007746-8aa8\"\r\nExpires: Fri, 17 Apr 2026 10:49:50 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35496,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1133x660, components 3","md5":"2155cdc4bbbc1c9cd654d644c7d892d3","sha1":"60b1d36bf0877665786b58089b0b55858ac10667","sha256":"f755e45045a0b3d895c6da32423db71ae9df9862d36e74b1837daf62a3eec079","sha512":"efabab1ebc099a7364450f833b440d1f749aa79cd91a20abd1e1cb81d6f2098cb840cae7befb15667a7c61d7a31bdd4f11d3f8390f230ed1c8deca654625861b","ssdeep":"768:2WrA0u41XqvtK5NKyk+CvFMG6QXvS42KZpIMh8lS:2EA0D6E5/zCz6QXEeDhkS","tlshash":"a9f2f169eabcfe25edcd0e7c7882b75315539201afed74bb600962db0422dd0e726891","first_seen":"2024-08-19T20:50:36.182765Z","last_seen":"2026-05-30T02:31:36.748993Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1904,"timings":{"blocked":1296,"dns":0,"connect":0,"send":0,"wait":305,"receive":303,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/moban/mo3/bian_files/upgrade-top.png","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.222Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /moban/mo3/bian_files/upgrade-top.png HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nContent-Type: image/png\r\nLast-Modified: Thu, 17 Apr 2025 03:36:38 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68007746-1b6d\"\r\nExpires: Fri, 17 Apr 2026 10:49:50 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7021,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1793 x 198, 8-bit colormap, non-interlaced","md5":"a7f3571d84875739f17f90d871758d31","sha1":"08aba808007b718c4fcd928b846f9ff02abac220","sha256":"ff2ffdeab43da636a3c1adbbd195c760da36286c706768a7e2fda98634a78443","sha512":"65072f089921c2e8e1747a852b4570c45015ce66c2f4bb12f03cf85f7f7aaa5459cbe847fe2373e4508057f14064ebb55c70be1490e87a0c4c495655520b2794","ssdeep":"192:bgSaqhc+/++JHLENXSl/JbC9H+vhMV5l0+Be++BnRsuhGU34:1Nc+m+JI2NcHrVvbBQniu8Uo","tlshash":"84e19f9d786d452dd40e6a608227d32d6df90dd6883ed71d7459002f9be9f2313b8638","first_seen":"2024-08-19T20:50:36.181709Z","last_seen":"2026-05-30T02:31:36.713476Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1507,"timings":{"blocked":1284,"dns":0,"connect":0,"send":0,"wait":222,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/tongji.js","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:49.228Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /tongji.js HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:49 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 252\r\nLast-Modified: Mon, 14 Apr 2025 03:44:28 GMT\r\nConnection: keep-alive\r\nETag: \"67fc849c-fc\"\r\nExpires: Wed, 18 Mar 2026 22:49:49 GMT\r\nCache-Control: max-age=43200\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":252,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"4333c1fb0ea7da6ff6a58046f3d60ee8","sha1":"d9b49fae5a9260aaac6f98a2bce92f1acda838da","sha256":"682a43c79a6216b11e30fd29c3202a10e2bebfbc7e8e649da7e9d060f5e6cab2","sha512":"b8aef1a0a0f72b9068d21d4aedff9cec8c066085e12ed2d36f6eb6706753f0bfe2b07212ad917ca04adde196c71baba3a00e1d679b642d4f14a366f377672da7","ssdeep":"","tlshash":"4ad0951f6c1d1434139a087d51fef54cf2b1514c503dd10181dcd4104960ed10c3e7cc","first_seen":"2025-11-18T13:28:12.140659Z","last_seen":"2026-06-04T05:36:57.415001Z","times_seen":6,"resource_available":true,"data":null}},"time_used":575,"timings":{"blocked":159,"dns":1,"connect":207,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ia.51.la/go1?id=8218479\u0026rt=1773830990235\u0026rl=1280*1024\u0026lang=en-US\u0026ct=unknow\u0026pf=1\u0026ins=1\u0026vd=1\u0026ce=1\u0026cd=24\u0026ds=%25E5%25AE%2589%25E5%25B8%2581%25E4%25BA%25A4%25E6%2598%2593%25E6%2589%2580app%25E4%25B8%258B%25E8%25BD%25BD%25EF%25BC%2588www.lzhxsy.com%25EF%25BC%2589%25E6%2598%25AF%25E9%259D%259E%25E5%25B8%25B8%25E4%25BC%2598\u0026ing=1\u0026ekc=\u0026sid=1773830990235\u0026tt=%25E5%25AE%2589%25E5%25B8%2581%25E4%25BA%25A4%25E6%2598%2593%25E6%2589%2580app%25E4%25B8%258B%25E8%25BD%25BD_%25E5%25AE%2589%25E5%25B8%2581%25E4%25BA%25A4%25E6%2598%2593%25E6%2589%2580%25E5%25AE%2598%25E7%25BD%2591_%25E5%25B8%2581%2520%25E5%25AE%2589app%25E4%25B8%258B%25E8%25BD%25BD%25E6%259C%2580%25E6%2596%25B0%25E7%2589%2588%25E6%259C%25AC\u0026kw=%25E5%25B8%2581%25E5%25AE%2589%25E4%25BA%25A4%25E6%2598%2593%25E6%2589%2580app%25E4%25B8%258B%25E8%25BD%25BD%252C%25E5%25B8%2581%25E5%25AE%2589app%25E5%25AE%2598%25E7%25BD%2591%25E4%25B8%258B%25E8%25BD%25BD%252C%25E5%25B8%2581%25E5%25AE%2589%25E5%25AE%2598%25E6%2596%25B9%25E4%25B8%258B%25E8%25BD%25BD%25E6%259C%2580%25E6%2596%25B0%25E7%2589%2588%252C%25E5%25B8%2581%25E5%25AE%2589%25E4%25B8%258B%25E8%25BD%25BD%25E5%25AE%2598%25E6%2596%25B9app%252Cbinance%25E4%25B8%258B%25E8%25BD%25BD%252Cbinance%2520app%252C%25E5%25AE%2589%25E5%25B8%2581%252C%25E5%25B8%2581%25E4%25BA%25A4%25E6%2598%2593%25E6%2589%2580%25E5%25AE%2598%25E7%25BD%2591%252C%25E5%25AE%2589%25E5%25B8%2581%25E7%25BD%2591%25E5%25AE%2598%25E7%25BD%2591\u0026cu=http%253A%252F%252Flzhxsy.com%252F\u0026pu=","fqdn":"ia.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.174.227.28","port":80,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://lzhxsy.com/","date":"2026-03-18T10:49:50.243Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /go1?id=8218479\u0026rt=1773830990235\u0026rl=1280*1024\u0026lang=en-US\u0026ct=unknow\u0026pf=1\u0026ins=1\u0026vd=1\u0026ce=1\u0026cd=24\u0026ds=%25E5%25AE%2589%25E5%25B8%2581%25E4%25BA%25A4%25E6%2598%2593%25E6%2589%2580app%25E4%25B8%258B%25E8%25BD%25BD%25EF%25BC%2588www.lzhxsy.com%25EF%25BC%2589%25E6%2598%25AF%25E9%259D%259E%25E5%25B8%25B8%25E4%25BC%2598\u0026ing=1\u0026ekc=\u0026sid=1773830990235\u0026tt=%25E5%25AE%2589%25E5%25B8%2581%25E4%25BA%25A4%25E6%2598%2593%25E6%2589%2580app%25E4%25B8%258B%25E8%25BD%25BD_%25E5%25AE%2589%25E5%25B8%2581%25E4%25BA%25A4%25E6%2598%2593%25E6%2589%2580%25E5%25AE%2598%25E7%25BD%2591_%25E5%25B8%2581%2520%25E5%25AE%2589app%25E4%25B8%258B%25E8%25BD%25BD%25E6%259C%2580%25E6%2596%25B0%25E7%2589%2588%25E6%259C%25AC\u0026kw=%25E5%25B8%2581%25E5%25AE%2589%25E4%25BA%25A4%25E6%2598%2593%25E6%2589%2580app%25E4%25B8%258B%25E8%25BD%25BD%252C%25E5%25B8%2581%25E5%25AE%2589app%25E5%25AE%2598%25E7%25BD%2591%25E4%25B8%258B%25E8%25BD%25BD%252C%25E5%25B8%2581%25E5%25AE%2589%25E5%25AE%2598%25E6%2596%25B9%25E4%25B8%258B%25E8%25BD%25BD%25E6%259C%2580%25E6%2596%25B0%25E7%2589%2588%252C%25E5%25B8%2581%25E5%25AE%2589%25E4%25B8%258B%25E8%25BD%25BD%25E5%25AE%2598%25E6%2596%25B9app%252Cbinance%25E4%25B8%258B%25E8%25BD%25BD%252Cbinance%2520app%252C%25E5%25AE%2589%25E5%25B8%2581%252C%25E5%25B8%2581%25E4%25BA%25A4%25E6%2598%2593%25E6%2589%2580%25E5%25AE%2598%25E7%25BD%2591%252C%25E5%25AE%2589%25E5%25B8%2581%25E7%25BD%2591%25E5%25AE%2598%25E7%25BD%2591\u0026cu=http%253A%252F%252Flzhxsy.com%252F\u0026pu= HTTP/1.1\r\nHost: ia.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://lzhxsy.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Wed, 18 Mar 2026 10:49:50 GMT\r\nEO-LOG-UUID: 7412213595569201222\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T17:31:21.532601Z","times_seen":16489423,"resource_available":true,"data":null}},"time_used":1097,"timings":{"blocked":120,"dns":101,"connect":19,"send":0,"wait":857,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"lzhxsy.com/","fqdn":"lzhxsy.com","domain":"lzhxsy.com","tld":"com"},"ip":{"addr":"156.254.74.21","port":80,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-18T10:49:48.582Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: lzhxsy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 18 Mar 2026 10:49:48 GMT\r\nContent-Type: text/html\r\nLast-Modified: Sat, 19 Apr 2025 06:16:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68033fa8-6735\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26421,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (916)","md5":"692ad2598c829a6dcc21e93220f0945f","sha1":"241af21a143955eb185fde516ac4b53aefa09d0b","sha256":"b51a17624ba940dfd94a7670c270daf5ed822333122b17adad3916923f0ba40f","sha512":"dadac5cea3c831dfd1abe35a1dacdb3272a4bec311c9609137eac2aa780bd0661c4c26c50add86cb3d18b60e95b249d68e8db3e33fc5c7ed23df4c6a02ae262e","ssdeep":"384:pxiuuY+N1e82z9QoGm4EkevWRdw/sBEZBn:pxiuuGH9QoGSTLn","tlshash":"fcc2312295fe187341838089663b5f1a5fc7da33eb1785007aac2aa56f93d56cd4333e","first_seen":"2026-03-18T10:50:14.561484Z","last_seen":"2026-03-18T12:33:44.994392Z","times_seen":2,"resource_available":false,"data":null}},"time_used":629,"timings":{"blocked":208,"dns":1,"connect":209,"send":0,"wait":210,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"lzhxsy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"lzhxsy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}