{"report_id":"1e04278b-e662-468e-af29-e57598cd11a0","version":6,"status":"done","tags":[],"date":"2026-06-07T00:32:58Z","url":{"schema":"http","addr":"9268365.com","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":0,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"9268365.com/","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"title":"Demo","dom":{"size":14025,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (635)","md5":"65e2333568bce99cceee6afcb87eee94","sha1":"95df643de8f00ace1a8afb3942b21e464acf2f5f","sha256":"23c5cf74da939f8c5cf055eb1075c613308911cd40a3b555fb54db8bd46da4c5","sha512":"4ba1cd48f0d87999d65540fbcd395cf282e405a3382201cc4749c64dd774e04045ab240c4c8637138bba29f6358537114d833cee534967a6f540e8cf26b703ac","ssdeep":"96:PiNuMQY9lTy7thD0gihkVVe3KM3jFk7oiToEbPT2G:Pi4Ml9lTqt6hknr2G","tlshash":"e4522b05a6f22cd344234e916926a9a26ec0510b8b0b486035ec0fdfff69db65d6f7dc","dom_hash":"domhash92b36847b641c3639980acf374362917","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"9268365.com","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":0,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-12T00:32:58Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"9268365.com","ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"domain_registered":"2017-04-13","domain_rank":0,"first_seen":"2026-06-06T13:59:03.710067Z","last_seen":"2026-06-06T13:59:03.710067Z","alert_count":185,"request_count":37,"received_data":7220985,"sent_data":16230,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"9268365.com/js/rem.js","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e74e945fcc19cbd1d5276e5d4548d525","sha1":"8236e3f3fc64916f9f7f65e8aa2680c9302f0858","sha256":"33442081f56c808935dba715de506e29ebf99eea4d997a64818edb9081369fa5","sha512":"a31082fa7c4afd5138b6f5048ea64b3fced8635505c69b56b2de5168b699069401b415f26eb42ed6ccdbc8e8c8db6f50618fea5890565ed5404f360176907245","ssdeep":"","tlshash":"8a01f166644125384b2b0009a925726cfeb7811303235283f45cae766fb0e430ab1fdc","size":840,"data":"","first_seen":"2023-03-07T12:23:57Z","last_seen":"2026-06-09T17:49:28.669655Z","times_seen":15118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"a23bf4d00cdc8c017cdf7d07dc5cad3d","sha1":"7c26b09e878b906e545cac5ec30f7f0b2af65384","sha256":"4bd46f7ab95aa8ff71408d5bf6f6367c5be168e8d8cabc65e08b7f0b35e08a15","sha512":"a7ff7414da9fe47a96bac4bc47498aba4c7021d75124e4917b261e407617a5ebe04d37ab711993ebfa505086b65bbff342ac070635b6cb246545fb0354347215","ssdeep":"","tlshash":"a6012b49516960756427a81a8ede6305953241075c2bfc75b88c0b449f1e33e96b97d8","size":741,"data":"","first_seen":"2026-04-07T18:33:50.39125Z","last_seen":"2026-06-07T00:33:05.754458Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/js/swiper-4.2.0.min.js","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"be15b3ba6a71edd608b9af34dfc6130c","sha1":"b11842fbe74778511b86bf899fbd02102b57ac62","sha256":"add18244c3d92cb789bd50456f05f02ca034c908bbf4210fedbd9013b3bf5d96","sha512":"ba9c83238efc0b5f43e2e85b104a2b1b010defa0f12d7c3cbff918fae76a7f3d3753ee18dead132729bdd0ae8a3854a481bcba35655dd37a6b6a03813d295029","ssdeep":"3072:6ShcwIktpnBohgZu7HgZsUOUFBWqJTq+NX:hlIktFBohgZu7HAsUOUFBWqJTq+l","tlshash":"65c3184eb390619510e36256565e9241a3b72809780ad0ac35b6cce7adbde4c13bfffc","size":119506,"data":"","first_seen":"2023-03-07T12:23:57Z","last_seen":"2026-06-09T17:49:28.67071Z","times_seen":14175,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/js/jquery-2.2.4.min.js","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-10T00:13:10.408387Z","times_seen":284043,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/js/MobEpp-1.1.1.js","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"b4cd45273f059ebff2ac2185efd52bf9","sha1":"fe2cca20ad99606127aa64fe74059f4dfd6dad60","sha256":"3816789af95bb9ed6245bab40c8a8aa56082819801a93d4a79ff9599bd7dc68c","sha512":"ac94c7f14b8091240cd29166ccab408f09af554c4a38e7aae2618b65429c3e2cd0885810a2f2cb5b0f937c793e15abe9a5ce6bc226f503ae4c8b61490fc785ae","ssdeep":"384:zJdTONjokUwV3CfyTxGZ8wvvC1x8AAr4VZjladj8yUorA49NfNoxRZ9Tbmmxyh5B:z/OxokU9BA1yU8sbPgMU","tlshash":"2bb251587b4c156d80e3b67a027f1909ec3dc433960485a4f0bda9e46ff465a232eebd","size":25176,"data":"","first_seen":"2023-04-06T18:33:51Z","last_seen":"2026-06-09T17:49:28.664404Z","times_seen":8988,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"9268365.com/img/097c5d_750x750.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/097c5d_750x750.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:45:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6a00-d9ba8\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":891816,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 750, 8-bit/color RGBA, interlaced","md5":"dbf83309b056148040fdfe441a62f760","sha1":"fc546493faf821bbfcef85c1e39c98ca0c1e4f45","sha256":"619932a5367f9620c5d356035b8df9174aba522e351837d9008587c0e1097c5d","sha512":"7cbb3b10589857c5beefa9f2ad8320575511c9bfd2bb1e29f6e4c46c206b59992f7a4d392290e78e9117697c884566a6499f00d167fbc5b93e1944a7ce0f24a2","ssdeep":"24576:9dvLmRdl6poSQgJyAde1Fzuc9Qoz9oc7srIDH1Jwu:DLm8pojgJC1luNc7nBJwu","tlshash":"cb1533c40c711ca7707250cf169ae7d3fa39352a1694310d0f78daa6ebf2ea4c6619db","first_seen":"2026-04-07T18:33:50.368428Z","last_seen":"2026-06-07T00:33:05.718638Z","times_seen":66,"resource_available":false,"data":null}},"time_used":498,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":498,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/d431b0_750x750.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/d431b0_750x750.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:46:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6a26-d9c20\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":891936,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 750, 8-bit/color RGBA, interlaced","md5":"65632e1e0d5aabf2b1fac271dd2c502b","sha1":"5c9398461691e37ab522afa2b289efd6ee5638d8","sha256":"6cb7fa1075d5e42f996c528baa42d42e6be4d1cbeabf19ca356a18373fd431b0","sha512":"1623e493e6adc8945d47fb00ba5892159531771eb4f9c78773eff3325ebc51e24bfe9962c1a3920f110dc7fa791ca84d0dac24727c9e4254fdc09f100c7eb158","ssdeep":"24576:WlX/N4D40lmgyAzFBKtyndTuOH6MkHRapH1k/:Wl2fyAz/vdTum6RapH1k/","tlshash":"6615333676ee47035018f79c157147a916ed638aade0b9ac51f20aca8c38937f623d1f","first_seen":"2026-04-07T18:33:50.366707Z","last_seen":"2026-06-07T00:33:05.719783Z","times_seen":66,"resource_available":false,"data":null}},"time_used":991,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":991,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/c9eafd_560x32.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/c9eafd_560x32.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:50:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6b2a-2faf\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12207,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 560 x 32, 8-bit/color RGBA, interlaced","md5":"6ede230dfc6029c8c24f1bd5cedc7de7","sha1":"206f68ac99fe94ba00e86aad2f600a261b4dc402","sha256":"b913c0694b2f1daa3e5227327fecde4f404be3e19494396fa7a2961ef5c9eafd","sha512":"46a5f51c1ae676351206a4d42b912ab6bdf44c94f1d7145e4f3c15e4af0097f3c61d7ef73cf5c6d2f1437a6ee116cc62df8912a357fb527e52ef116505ec8f06","ssdeep":"192:yIIHUCD4wagOEx8qqgkCVihyuvGNejDR2GXJ1GGsn+7pWGyRDvW5JtPKFu:c0wCE7kCViYu+Nej15JzFWFmnPz","tlshash":"7b42c04cb91455d4102b03556efaec57426392c8e1a4b66dfdaad7ef06a8d60c432ccb","first_seen":"2026-04-07T18:33:50.359403Z","last_seen":"2026-06-07T00:33:05.720796Z","times_seen":66,"resource_available":false,"data":null}},"time_used":989,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":989,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/6d3b14_750x140.jpg","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/6d3b14_750x140.jpg HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 02 Mar 2026 16:00:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a5b42e-b404\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46084,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], progressive, precision 8, 750x140, components 3","md5":"6c6aac6b0db60b4583ea1df4abe9142d","sha1":"fbcf07a18f3d602df5cabf60582da9d8e43d22b8","sha256":"88ba93e49a62b8c611243c9890c02197ecff5309cb78beb1da24444b18474127","sha512":"c8fe0d074ea8a610ebe226de30599023431b47b01a67fc249df8988b286ffc7b1163b4524af52d7a9c9ca712c99ed6cb495e2aa09a9ecfac36faa10ec2171722","ssdeep":"768:wYyCulxhNdxkeDvwgAsyDXeNlQXXH8di7WXE8y6k/HseHkSx1HIckNKSg4pBxoxQ:wj78gAsyDekXsdi7V8ygeH1HHZSg4pnd","tlshash":"b423f1bfecf23e85ca50b13191c7da3946622670ee47799d3e11a92421c7849eacdc38","first_seen":"2026-04-07T18:33:50.376753Z","last_seen":"2026-06-07T00:33:05.721757Z","times_seen":66,"resource_available":false,"data":null}},"time_used":982,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":982,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/css/style.min.css","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /css/style.min.css HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 31 Jan 2026 21:08:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6f52-1c88\"\r\nexpires: Sun, 07 Jun 2026 12:32:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7304,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7304), with no line terminators","md5":"563d93264982956720f05f6d76eabd2e","sha1":"d174818c4fb3c2f5e63af105608af7a303b34798","sha256":"d37c3978a844b531f30cd5e6e803d008cb40f9a105860e19e4e47e0d8de42b85","sha512":"f32d55381956883d8124f09ba4150595d0ea11cd56b444b210df01c33b5e5fa140b57076fc120adcbe03e89314c8e370432e933f2910392e5da99936613b7f1e","ssdeep":"96:3zQdbEQFb+tree4IsYI9XJUc+s7zG2xkq2PC39VJKV3aewPDa7SO/kaj+c1tj3w:ztreVQb2V20VJKVSRAb0","tlshash":"c3e1837baa51311dd12bd6613de06bdc1538c026e3070a8dd51a7e368a8f19b0a77acd","first_seen":"2026-04-07T18:33:50.353091Z","last_seen":"2026-06-07T00:33:05.722695Z","times_seen":66,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/css/Swiper.css","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /css/Swiper.css HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 27 Mar 2020 10:44:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5e7dd928-3570\"\r\nexpires: Sun, 07 Jun 2026 12:32:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13680,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13412), with CRLF line terminators","md5":"60a23d2c5b75975b1a2c21520e483352","sha1":"7ec5dfff3b6bd1a12fe64fb61c568c034ce354cd","sha256":"56c3dd16a5cf2ebefe0a3ee896bb3f20bc7b4327f75588188343c488d4aa951c","sha512":"de482c885d09fc675f8cb265c60d551928a23ad9924ede951197d8c743c99db75b8b397c37c07f4bfacb970b3ab9f676e0bca839438ba8084f4373211da6e4e1","ssdeep":"384:rLUbeQS7Rgx9BU0W/XCcif65W/1mXA82FHpx:r4b67gbhW/XDif65W/1mXA82Fn","tlshash":"e252236417003837f3774f6e4aa1e6b59f60cc838a934d9db2c0dd44d6f98b9122eb95","first_seen":"2023-04-06T20:03:49Z","last_seen":"2026-06-09T17:49:28.690627Z","times_seen":11308,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/67fc2f_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/67fc2f_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 21:00:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d6e-f308\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62216,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"c6165f15b9f9a83150e3e41532e95eff","sha1":"8fe7cfead99119539f837770fa2f91bd48d5c892","sha256":"583acf5c960f66a2bf5d58fefb40b9a222893382d286165786a3a2ebdc67fc2f","sha512":"794c12c72f81875deb789c65b6ae41808ae5080ac65be5f33dfaa4e238f9638283904779784fdbd0f990c6000a76a576b72aa0866795b9fbce4532d813fc7d82","ssdeep":"1536:vaAA6s8Rx3y9MKgRNoIq+rtDes3H03bFPWkRoRGWjWfnw:P6V9MJ/C2tDe204LwFw","tlshash":"fb53025d103817610e22926a74e8758ba731f25ae1f7cd543af8809d5f2c2942b3bf5f","first_seen":"2026-04-07T18:33:50.362173Z","last_seen":"2026-06-07T00:33:05.724728Z","times_seen":66,"resource_available":false,"data":null}},"time_used":985,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":985,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/026638_624x64.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/026638_624x64.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 21:03:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6e22-c473\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50291,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 624 x 64, 8-bit/color RGBA, interlaced","md5":"ce573f9efa512b1e3f7db577a465d8b9","sha1":"fb47dd0915a34acf76db438eb187b050e9eff636","sha256":"2847b0f4c571f06667846094abf7d79699e3dd2de3b8f38218c0340064026638","sha512":"f660407c051f5160a47278091ee37b01810746243a3be05575f5a400108a2f2ba3e725970bdcc3499ba7f93b622c11ae29805153edfc98bfd3a2200a81fde5a4","ssdeep":"768:GOeGMYPPEnzTsTqJporwzFIGJ1G72lX4r05+xQzekrKdJBo6zMr+s1GL17Je:T/2JlBk8SC+xQakrKdJWusYL1Ne","tlshash":"c533025d92d63da8413aed0c1e9703510d6b4bb0eaae21749d7770a7ae002abcfc570f","first_seen":"2026-04-07T18:33:50.383804Z","last_seen":"2026-06-07T00:33:05.725618Z","times_seen":66,"resource_available":false,"data":null}},"time_used":983,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":983,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/js/jquery-2.2.4.min.js","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /js/jquery-2.2.4.min.js HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 13 Dec 2016 13:58:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"584ffe6e-14e4a\"\r\nexpires: Sun, 07 Jun 2026 12:32:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-10T00:13:10.408387Z","times_seen":284043,"resource_available":true,"data":null}},"time_used":981,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":981,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/247362_210x76.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/247362_210x76.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/css/style.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 21:05:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6eb2-7378\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29560,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 210 x 76, 8-bit/color RGBA, interlaced","md5":"5780d1fe4ca089edaf8b17bf26bdd181","sha1":"df8bbc87a9100efaf60cd515299c96c2e7ac3514","sha256":"4ceb72296cbd1bdac5449978dc6ff0bcf7b656f63c475dbf2f3e8726f7247362","sha512":"e3637a7f7d1d263a3ef5cbf13660dd7bace59a769feafad3d03eeba03372444971503304cd10ae17cb8f6f28c908e7a38c1b84ce95c45271e2e14d7d94732de6","ssdeep":"768:MUk43jnYpAjQA3y5a2w2rSP9I78CdbufSIgpMc:plQYQbxw2rSF08IjIOMc","tlshash":"9ad2e150d395a90e2c484c3c347261da5b3b65c864ac9bb9bf5ed86fdc58cf0b1119ec","first_seen":"2026-04-07T18:33:50.377989Z","last_seen":"2026-06-07T00:33:05.727478Z","times_seen":66,"resource_available":false,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":697,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/6dc71a_426x128.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/6dc71a_426x128.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/css/style.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:49:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6af2-c44d\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50253,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 426 x 128, 8-bit/color RGBA, interlaced","md5":"57a08d6f1574373ca03456f557054833","sha1":"d635bceb98e0742c6c0535bdc6ed75e8bf267845","sha256":"4269b31675182755f2e24deba068877fa201fb3c93578a7fc133b4e5976dc71a","sha512":"bd1b6aac45531a917e663b907f1dd3abd3385c59fa07b0a4d80562bc106c673842c8bc9397a32be46a64c9e51dbe1da66ed073ce63e44dc1394c9c838baaf39a","ssdeep":"768:eTO4qOpp7/x7mJyGZv8ZipWNGQ8bz208bwPAV1wMl+biz8gdjoH1pVH9k:QP7/x7ut5vaGf208bwYV1u+8gmhH9k","tlshash":"4c33f2d9a0192187b707823f38e761570b63faa6eb95b458b9ec4e8cc4274f116c4dd3","first_seen":"2026-04-07T18:33:50.389019Z","last_seen":"2026-06-07T00:33:05.729223Z","times_seen":66,"resource_available":false,"data":null}},"time_used":698,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":698,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/cf00d5_662x710.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/cf00d5_662x710.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:56:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6c94-ca3fb\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":828411,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 662 x 710, 8-bit/color RGBA, interlaced","md5":"f9df1fef536bc44e02f843de6921c9ac","sha1":"63e7f38f8d80db69f1d900e2b9568b517219befd","sha256":"5200dca8b06a2ef8e712c090c52f710fd27173251f246d659e73e19003cf00d5","sha512":"f43f1484aa2b6db7cd7a963cd266ca23a6298943eacd07e48c2fd22a3bd638d58dcc0d51943118e4715a836a48c42131eef3672f8d9cbde832f2708917e4369a","ssdeep":"24576:ynAL76m8euZDrdmiRKN8LX5afqmZiwXXaSo9o:yAL76m8euZDpmiRPtafXiIl","tlshash":"510533c3b170a39d44375b7118272ba7dcb2170aab6566786a9fc5ae0fa703b24048d7","first_seen":"2026-04-07T18:33:50.386739Z","last_seen":"2026-06-07T00:33:05.73028Z","times_seen":66,"resource_available":false,"data":null}},"time_used":987,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":987,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/be2c3a_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/be2c3a_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:59:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d2e-dfb8\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57272,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"458839c437517a4d552acc9c45f4069c","sha1":"249e96aa305627a880629c0812acc3f1ef5a67fb","sha256":"4887efe35ed3b312daa3e96c75e2d5edbbbfd1e60febbbc6afc55439dabe2c3a","sha512":"9148e6377b01ca59364a4a99f9890e4e6046cb42445839a3e1c1b93ed007a4b6167172b39265c9372f6b7e4d1481c9b05452f2982e5490d1a941436e3073de3b","ssdeep":"1536:0f2SIGLg9Nj8eaid4EdX7KTUWnzatrKXUWC/+id:S2jW8NjvaSpXMU0zaJKan","tlshash":"9c43028bf5edb9576002fa7d41b2e10f4f3bdb28c34aeae47df99167a2108209457342","first_seen":"2026-04-07T18:33:50.356374Z","last_seen":"2026-06-07T00:33:05.731276Z","times_seen":66,"resource_available":false,"data":null}},"time_used":986,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":986,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/12e756_122x210.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/12e756_122x210.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 21:08:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6f6a-cec0\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52928,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 122 x 210, 8-bit/color RGBA, interlaced","md5":"ccca50f2add22448b9de9e9fb2178c64","sha1":"824b9d94b3f19081fa188a0ea2677da216fb28c1","sha256":"fad6df6af3b55b67a6253bad567f6ac6330767595711dbb0ca23844aa312e756","sha512":"0c1914e0f505ca922b1dfc89827423555d92786df407d184d8cd3f0ecd7fa7b3ceb8d44b7f66a8d99c92caa135cb2e5e490260646b77554c858c69b6c5eb551d","ssdeep":"1536:pchrS6s1LUwktcM0KoYVciZAikQNYU4Nb8RqzzvBer3Zs:unsN2KbYPqik5HNb8R4zJ7","tlshash":"e03301b3ed760d8a5d4eefda15eb0809a2199a105660b9198f1d40a39732f10fc31feb","first_seen":"2026-04-07T18:33:50.349699Z","last_seen":"2026-06-07T00:33:05.732169Z","times_seen":66,"resource_available":false,"data":null}},"time_used":982,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":982,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/js/swiper-4.2.0.min.js","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /js/swiper-4.2.0.min.js HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 01 Jul 2018 18:04:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5b3917ae-1d2d2\"\r\nexpires: Sun, 07 Jun 2026 12:32:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":119506,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65273)","md5":"be15b3ba6a71edd608b9af34dfc6130c","sha1":"b11842fbe74778511b86bf899fbd02102b57ac62","sha256":"add18244c3d92cb789bd50456f05f02ca034c908bbf4210fedbd9013b3bf5d96","sha512":"ba9c83238efc0b5f43e2e85b104a2b1b010defa0f12d7c3cbff918fae76a7f3d3753ee18dead132729bdd0ae8a3854a481bcba35655dd37a6b6a03813d295029","ssdeep":"3072:6ShcwIktpnBohgZu7HgZsUOUFBWqJTq+NX:hlIktFBohgZu7HAsUOUFBWqJTq+l","tlshash":"65c3184eb390619510e36256565e9241a3b72809780ad0ac35b6cce7adbde4c13bfffc","first_seen":"2023-03-07T12:23:57Z","last_seen":"2026-06-09T17:49:28.67071Z","times_seen":14175,"resource_available":true,"data":null}},"time_used":980,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":980,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/19fd56_750x4481.jpg","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/19fd56_750x4481.jpg HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/css/style.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 31 Jan 2026 20:42:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e691a-2d5e8\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":185832,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x4481, components 3","md5":"0a9b2c01835b2d54abd632d06c9144ad","sha1":"cb71ad2705fbcf2a7dc5a7201aad3608fdf9cd03","sha256":"5e4bee0f7a603cde2240e5c4c7979de3b2bda54d6ce9edf6024cbfec3419fd56","sha512":"1ff1c12bca6da11632cd8b8293c72abc3244de22236888bdfa9d8a6cb5ed0120de1d338a5fd382502779a27f04f203dadab91e901b3caa4f8f82c99504525331","ssdeep":"3072:qO7YcXYccSUMTyWFWGvgQ2kOXIfSGiokntbRv2ZJ3DV+Obb23Anmqqqqqqqo99:5XYbBMTyWypIAtbRvI3DV+Ov2eo","tlshash":"660412299532f938e47be3344148df0562431dda3a13a81f72c29b53e986ff42e97879","first_seen":"2026-04-07T18:33:50.365189Z","last_seen":"2026-06-07T00:33:05.73404Z","times_seen":66,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":700,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/2ff531_228x352.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/2ff531_228x352.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:53:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6bdc-19c58\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105560,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 228 x 352, 8-bit/color RGBA, interlaced","md5":"e8137df9a50b2572cb187c7d7b8afe3f","sha1":"be9850185ac9f0695248e826625db8f533b253e5","sha256":"c9287694086158d08d7b0accbeb01fa0cb7542ff400636ba9297d0dd002ff531","sha512":"372be2c7cfb8829e6655d97e32430e1867fb7248c390fbb85cc2581262ec36041425aa12997c62d919f8c0e9b9554d76edd63245d0210660b40c77f000290ea1","ssdeep":"1536:UktiPGjgLAUDfvDTjH9kmOCTL/NLs+Z4Wtdl/Usij8C/4E2ntjamnj5CUGIzaMUI:UsgLAUbZkmFLrZ4Wt1wEtjai5CUGba","tlshash":"e0a312305408c98152400e0d15deffbec816b7dabb64d6addb956ccf0b8baad1c81da6","first_seen":"2026-04-07T18:33:50.369601Z","last_seen":"2026-06-07T00:33:05.734995Z","times_seen":66,"resource_available":false,"data":null}},"time_used":988,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":988,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/69012a_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/69012a_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:59:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d2a-e808\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59400,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"267979775c71d18ba86aaaeb7975fb53","sha1":"a2edc3f58dfa24b2bfe64820724c70fe0c95cd0e","sha256":"d49597e85226e8779cc662d19d7c7ce5b8444ea882fb88aa0011ace98b69012a","sha512":"a819a82cc6018c653540bb72851ac3b0fd21bb194855051d14a4ba2b56e9f74ae9df08988b5242d49af968ba8549f0f72c3ee9d1c299b2a860d7e26a01bc95a6","ssdeep":"1536:0HOTu7RE0jHhs3lo4GrLPGM0EfCCJLaL4cRGX+Yx34:kZhs3lo3veMsCAL5Y+YxI","tlshash":"a343011dac9f353dae4a3b5f54a1041660378714268fe5b435380279d938101deeddfe","first_seen":"2026-04-07T18:33:50.374367Z","last_seen":"2026-06-07T00:33:05.7359Z","times_seen":66,"resource_available":false,"data":null}},"time_used":986,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":986,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/d38cbf_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/d38cbf_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 21:00:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d7e-f159\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61785,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"1f346d40c9b4ee77a60e18b762dcd04c","sha1":"69156ef58a1c9a99f0328d6ef3abd8ba17164093","sha256":"17d7c69d3743af40c0b611ccb5611f76df6fdff0947cfd619cf1e70c11d38cbf","sha512":"bc8d234580576ee9a4e20c0d6ca5e780ef373b1b51040b64a08f09f6ec0f9234dc71df17fe36f071a179ab5c4c5565153418ac0af354970edc08428e41c220fd","ssdeep":"1536:4v3ssOCdTKaWloILXXttimcjabOXAtI+CxbADdO06TBr:KcsOCdTnWqIBTsabOwtIfABO06TV","tlshash":"db53027a30ac415505c6dda4b6b3243e72e7c210e9d97b28dbc25a35d7128fbdef6810","first_seen":"2026-04-07T18:33:50.36367Z","last_seen":"2026-06-07T00:33:05.736765Z","times_seen":66,"resource_available":false,"data":null}},"time_used":983,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":983,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/js/MobEpp-1.1.1.js","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /js/MobEpp-1.1.1.js HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 12 Feb 2020 14:24:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5e440a98-627b\"\r\nexpires: Sun, 07 Jun 2026 12:32:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25211,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"b4cd45273f059ebff2ac2185efd52bf9","sha1":"fe2cca20ad99606127aa64fe74059f4dfd6dad60","sha256":"3816789af95bb9ed6245bab40c8a8aa56082819801a93d4a79ff9599bd7dc68c","sha512":"ac94c7f14b8091240cd29166ccab408f09af554c4a38e7aae2618b65429c3e2cd0885810a2f2cb5b0f937c793e15abe9a5ce6bc226f503ae4c8b61490fc785ae","ssdeep":"384:zJdTONjokUwV3CfyTxGZ8wvvC1x8AAr4VZjladj8yUorA49NfNoxRZ9Tbmmxyh5B:z/OxokU9BA1yU8sbPgMU","tlshash":"2bb251587b4c156d80e3b67a027f1909ec3dc433960485a4f0bda9e46ff465a232eebd","first_seen":"2023-04-06T18:33:51Z","last_seen":"2026-06-09T17:49:28.664404Z","times_seen":8988,"resource_available":true,"data":null}},"time_used":980,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":980,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/favicon.ico","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:40.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:40 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"69a60416-e3b8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58296,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-06-09T22:34:38.304871Z","times_seen":12217,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/8a494a_324x82.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/8a494a_324x82.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:42:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e694e-4152\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16722,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 324 x 82, 8-bit/color RGBA, interlaced","md5":"2261f9b32f73847782f3106c24ba3e54","sha1":"66e09166177017a21264a830469038bde1eba728","sha256":"e59f470b433a2af341887735753fdcf7479d86600402897b52ab6c184b8a494a","sha512":"e4ae728ee2836ae434e926be60e9a868b5be8219394b4037e85f97167fca0937a9e35deea3cd9864fd1b1de8c7bfb1c6fd411b16eccff583b98d640a8133420a","ssdeep":"384:z0w8gyyy0kbhcOw4WpSNBhqycpcwvGWtEcBZ6bhW:zFq2Fpp0ntcp7OoEaZIhW","tlshash":"e672cf59ea4f691980874c9613e3ac5d431bcdcc81b0ab2974cec75a4319ee7ac217ee","first_seen":"2026-04-07T18:33:50.379197Z","last_seen":"2026-06-07T00:33:05.739946Z","times_seen":66,"resource_available":false,"data":null}},"time_used":497,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/0744bc_750x750.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/0744bc_750x750.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:46:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6a3a-44f2c\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":282412,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 750, 8-bit/color RGBA, interlaced","md5":"a202a2a490d2bc8fab450d86d5d64c7a","sha1":"ad14aba20e77409e4e8f5ba7d857bbef0b7bc5b1","sha256":"cc17c9d97b3b2ee1354b5fe06de71af00c04dd381129b0e92c834d755a0744bc","sha512":"6d10e61d5a562a1a658f9beaf8fffbe89ba5f09a4c5fc99757a1f52f7b1ab6c739dc10ab6663a5fe1e6ef8a720d442e200b0cd4c7553ec45b9992e0914e97221","ssdeep":"6144:vipiiqwG5QvPX3lRz6v48LvcXIQkqhGqtfr200XYbxF6smkmIGmOXenr:viqwYuPFpavcXIQJh5tD20yYP6jmZOX+","tlshash":"b6542350947b7fbcfe9398cb30498397a5bc6e182d90c5399f5f2e1493f8a344429c96","first_seen":"2026-04-07T18:33:50.355213Z","last_seen":"2026-06-07T00:33:05.740973Z","times_seen":66,"resource_available":false,"data":null}},"time_used":989,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":989,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/bb05c2_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/bb05c2_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:59:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d26-ed17\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60695,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"53b9e9c2dabfeee5a5e5e7eac7ea3f7b","sha1":"57329d8b17c26bc48167d88b357d2306ef5912e0","sha256":"aaa8947b10b214b723752febfd4c034ea1ef026c1ed2034aeade7638f1bb05c2","sha512":"6f3f724065e1fc1f76e4df5bf4dbd61a85251a61c5391ad216fe4f2faf06c75c510f58f010bcec837c869b92de41619893f671b20cbae8692eb181e2d4de42c6","ssdeep":"768:JSKjyVZ/aRJDTSJ/uDgKBFjdTYCQ8BH3h90ExeqjEsx+SwvczIIR2x2Gz8ZEtiPd:PyVZKJDTSJWDnjdTJtnyE4xaHYljA++","tlshash":"7653012a3740bd8fb10eded585b9596a443bdacc63647d6aafce020ada740f31d31613","first_seen":"2026-04-07T18:33:50.370854Z","last_seen":"2026-06-07T00:33:05.741877Z","times_seen":66,"resource_available":false,"data":null}},"time_used":987,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":987,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/d7087c_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/d7087c_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 21:00:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d62-f29e\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":62110,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"d5531352a7033f1fc0e0b8feebd1fbbe","sha1":"e15b22b4f956f5bc2aabc8308092c7af5f6438c0","sha256":"f592f04f02b91f96374c3747f3b7b05a7a79c28fba83fdd6cbf02c749dd7087c","sha512":"a332a7808b8a35a9ccaa0fca8cf638c3202fa734d4a0a7caef38a8afd84d940eb8929f6cba17db18b73795e9a27d56b636802d8e06ef0116e783ff974b244534","ssdeep":"1536:xe8Izvsm34Pi4pTaOM1e6TnUkFKr3IfZM5vcpr25A8CioejqQhg:xe8IJ34qkTah1e6QkFi3vvyr2y8CieQi","tlshash":"195302d9fd21da94312d52bebdea90d7a43bc55c45ced822029fdd07194e480e382bec","first_seen":"2026-04-07T18:33:50.387825Z","last_seen":"2026-06-07T00:33:05.742769Z","times_seen":66,"resource_available":false,"data":null}},"time_used":985,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":985,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/a52ed8_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/a52ed8_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 21:00:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d68-ea00\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59904,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"9be2c383db540d59bf28b4e46da7425b","sha1":"1de712109c2b655a922047d6b669902f07b8731f","sha256":"03918c97215b117eafa6382bc700545f53654add43efd108bcfbc1a686a52ed8","sha512":"c5c97f4f30757aa2ea1ae0ebe31339e96ca1ece18406254b6c76eddef531ee14317a7c073f6ecb3ba99a57c14dcb16be04a9949b7d5fb91538c713a5f1086556","ssdeep":"768:Jw87iA7m9D9niut6vzzwFFsDflrkIqCIku1fulJyG3fQ1OUJRd/DVY46sOshCR4d:K8yhiuWzsFk9fMGwECOkr9UshCiTeO1z","tlshash":"ec4302c1e59064c76cca0e2f2e493b4a04793b6036ee23981f48ff495652971c2bd7af","first_seen":"2026-04-07T18:33:50.360868Z","last_seen":"2026-06-07T00:33:05.74371Z","times_seen":66,"resource_available":false,"data":null}},"time_used":985,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":985,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-07T00:32:35.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:37 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 04 Mar 2026 17:20:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a869ec-1ac3\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":6851,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"e961e053b6e247475f472a813ced3772","sha1":"f384b8d3a587277a3c33649e04e63e6d694a5faa","sha256":"fce39689c4f0bdccbc51cb9a4c367f160b5d9f7cb49b42e47f4debcad8af99a7","sha512":"46aeca316dd785df238dcaf2cbad60be753287ada0cf9037959738bdd40c2fc0a351ad2c0c2e8c20e0def5009770647bd2e2cf3bceb51bb3ca304b6644152adc","ssdeep":"48:0vS8NriYtCtDtythMKoZZChkInSBRvhMhNhchoh1vBZVhthChIh7hOEFCPTSYnyg:krPMZMMpihkVkePT2hM","tlshash":"9ee1332600f661e3145388846e637a267fc1950bca1b891475fd0fcfff5ad9a8e2b64c","first_seen":"2026-04-07T18:33:50.371858Z","last_seen":"2026-06-07T00:33:05.744643Z","times_seen":66,"resource_available":true,"data":null}},"time_used":3313,"timings":{"blocked":1533,"dns":7,"connect":1269,"send":0,"wait":247,"receive":0,"ssl":254},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/447045_622x100.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/447045_622x100.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:52:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6ba2-6330\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25392,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 622 x 100, 8-bit/color RGBA, interlaced","md5":"e46b54493661db2f34816a8972b85e8b","sha1":"e81a041b45e39e9b40e310831a9b986a522aced9","sha256":"c6cb5387053f70e13fb5363c9b22b88d72221f182116be734357617f0d447045","sha512":"ec67579e7f0c2fe68fa239e2105181811ae2acde45780d9fcde9d2db95ad2fb9462a176b779deab6d92295ef59b2403c6aea3c7e350b057c1d3f6add42325198","ssdeep":"768:4u3eMD1FyVG+wCj+qk/vLGcY/aqn8ewNepa+:ZOMhFy0Cj+qk/zGclqVNpa+","tlshash":"eab2e1c96ce0823025885695dfd71a79474e6b18c3cdba749cff565af02cf006a4be2b","first_seen":"2026-04-07T18:33:50.380336Z","last_seen":"2026-06-07T00:33:05.745511Z","times_seen":66,"resource_available":false,"data":null}},"time_used":988,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":988,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/ea1968_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/ea1968_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:59:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d34-e25b\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57947,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"1796daaf997e322d8acb4e3bd835d050","sha1":"a119867938e68b0abe302262d81bfd6e28e03308","sha256":"70744aae01615b84d5468fb634456171884c0634f07e57202f485be36aea1968","sha512":"9aa6c16351040adba4bb1d903b7989f4f08bd5633ee23df709190f86d2fe4e45aadd45d894eae109ba26e1f23ef44ae2f62846c5281e179a869df9bc15fddd77","ssdeep":"1536:Jvz9wuUv6Z+hnROFC0R6e5U8Hv9GC5DPRt:Uu4pxR8R6GU8P9GCdr","tlshash":"214302553450a382294f834d29a78e2f741fcb8dcb1ec7788ddc985aeba4f90748b641","first_seen":"2026-04-07T18:33:50.381342Z","last_seen":"2026-06-07T00:33:05.746412Z","times_seen":66,"resource_available":false,"data":null}},"time_used":986,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":986,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/1f1e3c_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/1f1e3c_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:59:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d3a-ecf2\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60658,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"f031a133ba484844d25a1e00930fe03c","sha1":"ed81deff13d528cb3d27ae0c4605b733f746ff52","sha256":"6c3d4b1cb12abcd0f6192763abd1d51f8206d1982deb6b1538cc0231891f1e3c","sha512":"ab78acf75436501cfc52cd23e19b10451185a612c91f06a0451efb8130a1562ac426e060d5e36b1ba32443915a6ac9a1aace237dd86f792b3df710d4b4c91699","ssdeep":"1536:+sW3mVFtcKXhyNsvFcRY9o7TDruGVqYJR2:Y3mVXh8XW9o3u2qqR2","tlshash":"12530284fda244cebb7f2210065d2e881d09f7e125963568ecacd81b78391b716727eb","first_seen":"2026-04-07T18:33:50.375509Z","last_seen":"2026-06-07T00:33:05.747305Z","times_seen":66,"resource_available":false,"data":null}},"time_used":986,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":986,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/js/rem.js","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /js/rem.js HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 843\r\nlast-modified: Mon, 30 Mar 2020 16:30:24 GMT\r\netag: \"5e821ea0-34b\"\r\nexpires: Sun, 07 Jun 2026 12:32:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":843,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"e74e945fcc19cbd1d5276e5d4548d525","sha1":"8236e3f3fc64916f9f7f65e8aa2680c9302f0858","sha256":"33442081f56c808935dba715de506e29ebf99eea4d997a64818edb9081369fa5","sha512":"a31082fa7c4afd5138b6f5048ea64b3fced8635505c69b56b2de5168b699069401b415f26eb42ed6ccdbc8e8c8db6f50618fea5890565ed5404f360176907245","ssdeep":"","tlshash":"8a01f166644125384b2b0009a925726cfeb7811303235283f45cae766fb0e430ab1fdc","first_seen":"2023-03-07T12:23:57Z","last_seen":"2026-06-09T17:49:28.669655Z","times_seen":15118,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/d9c165_750x750.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/d9c165_750x750.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:46:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6a32-d27d2\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":862162,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 750, 8-bit/color RGBA, interlaced","md5":"11a2a24720c2e6ab3e1d0d69f17649a9","sha1":"20d58ac03cb5ab5fb0cad1d0c483bb2da62d5383","sha256":"3cdd477b27eac73a5970aa055aa3569485105ef6db7bf76f90a07fb058d9c165","sha512":"c806a656835ff2e94e9c9ab4ca6715a3e819ad08e6df80d30e8fa3b99b07b71c86d054efa7f1c5e4292a3405611ed739fd3986d6848f8ab1f7b1cd25de077917","ssdeep":"12288:+BUVuZSBZbBB/MMJ8EnfPAkgvGorwWwryK8v8ixRPlq2/iSvqixm4gD:X/MM7nAT+o0iK8v8ixplq26SvPxdU","tlshash":"c10533807c1f2e6492fc45f13fe87236c002d6aa70ae0d9dea6a6e55d0d6cb7f1d4861","first_seen":"2026-04-07T18:33:50.358144Z","last_seen":"2026-06-07T00:33:05.749298Z","times_seen":66,"resource_available":false,"data":null}},"time_used":990,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":990,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/ed7aff_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/ed7aff_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:59:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d1e-f2cd\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":62157,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"0bd9b7a7bc99f20d240dc22120d0f8ec","sha1":"b52130fa3841c481922c460a9950886ce268bf71","sha256":"ef00676bdeb02906a6b534f48cb29d86a4ccfbb1b7d9a2176cb402d4b4ed7aff","sha512":"b36963e0be0fb1dda464af5ef6d46fb3e1d370a2b9594d4f8b5cfc00721b359a9ed8a15bb3029b81cd4aaf509c0755906e92ed3b6bc3198fbc5f0b73650f419d","ssdeep":"768:J7Id+pn5YtpsWrqDpOqhQ5yVn+6s8Evy/tyV4+BAlgKI+M0S4rX7k4iM3HQdD8x5:/nA6WPxylYy/tyV4+B0d7r4w3QNy3Mq","tlshash":"1e53020b985155c3399f4df9a7c38345b227abc80346e86ecfe6e105362ee516ade908","first_seen":"2026-04-07T18:33:50.373249Z","last_seen":"2026-06-07T00:33:05.750241Z","times_seen":66,"resource_available":false,"data":null}},"time_used":987,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":987,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/b07efc_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/b07efc_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 21:00:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d78-e83e\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59454,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"21823abc42bbfbb212106e55ac75f46a","sha1":"b8b0d0f697389d4f6c587b69d1351c40548f292f","sha256":"d86eb653866b95d381aa569cd3e9d5eea48a38a9575fc87bd92f7091e2b07efc","sha512":"8115cbe6c00fec7a3d8858d16ac1e61f8a7d651ec54e9c5d9b7e709e21964ea3ae824d83b8449bb80804a9c6fe9989117bfa91f9c58c425b579f9100882485cc","ssdeep":"768:JVQ5qxCoNEYurtcJx5g55XHGL70LYTmvIau/LR3Of3JB7rDY4mqTdaYYJ2q6EDoy:TNE7qT5g59HE70jvG8HXuZoxepV","tlshash":"6a431252f4243bc4ad18fd6eb4088db71db06ea155c8b2686c78e23d6112236b55ffc7","first_seen":"2026-04-07T18:33:50.347863Z","last_seen":"2026-06-07T00:33:05.751151Z","times_seen":66,"resource_available":false,"data":null}},"time_used":984,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":984,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/78c483_750x750.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/78c483_750x750.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 20:46:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6a2c-e86b7\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":951991,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 750, 8-bit/color RGBA, interlaced","md5":"89b622469c7f9ca586a1c92e053f4723","sha1":"33dbce843a0d504ce4b4d4a9569d1a3e05894f98","sha256":"d82a166fea5b5d1383209b723bb9946a27b8dbcdb87edcae32a9ac8f9a78c483","sha512":"96b60830f28af3ba4d3f0017d5d3b05d1d9ee98737ac167e975f36230715ecfdccd635e777eb440b31f85dabd66482d2e9f5a70f9d20913c59d4a632822ed34a","ssdeep":"24576:opHgu74iTfjDwPoAacjre/VFT2zqaFimpRrFAjik44zP1mE8:oAu74A2jwVFqzqadb6Okzd8","tlshash":"6f1533dc4ebe19c718711e9648dfb1ed5e7a082a075dd25b0381f2c18e6b318935e6cb","first_seen":"2026-04-07T18:33:50.35177Z","last_seen":"2026-06-07T00:33:05.751987Z","times_seen":66,"resource_available":false,"data":null}},"time_used":991,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":991,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/5c0433_142x142.png","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/5c0433_142x142.png HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 31 Jan 2026 21:00:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6d72-f3d9\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62425,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, interlaced","md5":"b55e34f336fcea8dc871c62fa3af5152","sha1":"43453db751d6d7e1a4e6d6295c89be2d280ae25a","sha256":"301ceec8f8aeb179e3d40b2b443eac046423f088dfb215322922e5e1d15c0433","sha512":"512174fbfc40ac40dc98f69594d8d576601c1714c885e57b079b4cdb32285e802b3467e5cc572dad3073d88092e798f106df641c49093582a632fcf2f1fd8039","ssdeep":"1536:mCOB2pFLSu8jpfilLSd5r1rpzt/wzqAL47:mCO4xSuzli5rBpzQk","tlshash":"d35302575149e5312d0b93840ffbd2ca150acbbe6622da61ef17c11e0eba9a76f30943","first_seen":"2026-04-07T18:33:50.382465Z","last_seen":"2026-06-07T00:33:05.752803Z","times_seen":66,"resource_available":false,"data":null}},"time_used":984,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":984,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9268365.com/img/570dfc_750x1583.jpg","fqdn":"9268365.com","domain":"9268365.com","tld":"com"},"ip":{"addr":"118.107.248.30","port":443,"asn":132825,"as":"MYTEK TRADING PTY LTD","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://9268365.com/","date":"2026-06-07T00:32:38.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"123123365.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 23:36:41 GMT","end":"Tue, 28 Jul 2026 23:36:40 GMT"},"fingerprint":{"sha1":"7B:44:ED:0C:9F:68:54:54:BA:E7:B4:AF:E2:92:38:C2:89:C8:2E:C0","sha256":"CB:8D:D7:17:10:E0:A6:04:54:A5:FA:E1:52:78:D2:7F:DC:40:9B:F3:52:30:8E:77:0C:00:99:DC:C9:DD:89:FE"}}},"request":{"raw":"GET /img/570dfc_750x1583.jpg HTTP/1.1\r\nHost: 9268365.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://9268365.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Jun 2026 00:32:38 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 31 Jan 2026 21:02:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697e6de2-d72fe\"\r\nexpires: Tue, 07 Jul 2026 00:32:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":881406,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x1583, components 3","md5":"8fa76d1739a1f2647eb5df3aba5aa835","sha1":"96ec62237b97dfc161c990badcb93557241ef294","sha256":"d33bc4f4e8bb62c04140e4e8b7e30bd8f8e463f4ca3eef29309fab3ca4570dfc","sha512":"6164952d4dd85d5e9b3ae5ecf54f624ea5feb6e2e57be8b9570b1c2427b49c15c565fa029398d8329d2d4687d74dcfa8cd307b3750477a394b51d9a4f1d90657","ssdeep":"24576:UYxEgekkE0oquG1OXQDOdc90fMXCVPNlGIf:UYxEgZkEFGHPNSVnGIf","tlshash":"341533d89577265cee7b4fc44ec94aa73b9be340dc14e9ceb5b92a18d1b43c0111b4b8","first_seen":"2026-04-07T18:33:50.385526Z","last_seen":"2026-06-07T00:33:05.753646Z","times_seen":66,"resource_available":false,"data":null}},"time_used":983,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":983,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-06","alert":"Phishing Block","trigger":"9268365.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-06","alert":"Sinkholed","trigger":"9268365.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}