{"report_id":"438e47df-edd7-45e6-a3ad-52ac2586e75a","version":6,"status":"done","tags":[],"date":"2026-01-04T07:32:36Z","url":{"schema":"http","addr":"Oedy9.com","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"166.88.132.178","port":0,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"oedy9.com/mob.html","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"title":"访问提示","dom":{"size":2325,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"c207bc1d2e0996ae2f38a34a0fc1487c","sha1":"5012f4f0a2adf0ea5cbb94d3433bc5cd6a39cb63","sha256":"554837a0abd5c3bf61244714e76859d4e374bac0ce36cf4b9da8289c23f347f8","sha512":"cfe47f6fb0781c939461e6ac5d5b2653aaf60e6a6aad9a9b657051840e7c45f92b45bd2e09f80fbdff8dbe1cf329371689a3709430c71df2888d2c86bb77f9ec","ssdeep":"","tlshash":"494198d317a68426bd92d8547a522fd6329cd807e40ac6a47ab5a46dcec0eb752333cc","dom_hash":"domhash9f56b4cf3fd7b1f4dab033f1c1ced99b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"Oedy9.com","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"166.88.132.178","port":0,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-08T07:32:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"oedy9.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"api.qrserver.com","ip":{"addr":"88.99.85.235","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2009-05-16","domain_rank":342339,"first_seen":"2012-06-20T10:01:45Z","last_seen":"2026-01-02T07:08:20.666202Z","alert_count":0,"request_count":1,"received_data":835,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"oedy9.com","ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"domain_registered":"2023-10-27","domain_rank":150266,"first_seen":"2023-10-27T10:41:23Z","last_seen":"2026-01-02T01:23:02.47592Z","alert_count":3,"request_count":3,"received_data":180721,"sent_data":1585,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"oedy9.com/","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"684d53c6687816cc5ac82d0ff0af619f","sha1":"c6e9e63df1ca1b6c018e65976c215d7fbf57c22f","sha256":"cc1883d9d32d738a8fa8a778faf7b3828945f0d7aef9a044f3e6a607000a54d8","sha512":"819fcdb5231fe6297da4c9165eb9797fd49f2b7b68b78398488b263a01840c08ccd3e6091271dbea0764b541ac2394b6daf41c821771a1f1455052440f5638db","ssdeep":"","tlshash":"2ab01214071ec002495335c14709ce4003ff355045ff4794450cbc0cc14e180130a0d4","size":98,"data":"","first_seen":"2024-12-30T18:02:46.611902Z","last_seen":"2026-01-13T21:50:29.325979Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"139d546f40681d5828a47d274d693341","sha1":"8fcf27319f92c0c2436b8d61f9b058d03890b4b0","sha256":"45db9b5faaef1c245a1a7bcda840a6d10bf2488b07b582dbeb6cd02f48e5beb6","sha512":"e719c0647e79c8d23aa902be715efa0ca9211a1617fb7c5c9a3fe04891d369ab3e29e30091dba170ae41900fae094d5380957ffc57ab095a7a7fca5106e37d3e","ssdeep":"192:79TJPZ+oN/BDFT0f/6NLnE4MZs/aaH0pyxv7qzUeBFFGr7rQy+O/2Qv2mIYAoGg:p1PrFAsLXZcFwfrQy+O/AmILG","tlshash":"a99260cfea8e093560ff93cdcc591b7f82d2492262e3c07ad0f65b4937546a8d112a29","size":21090,"data":"","first_seen":"2026-01-04T07:32:38.5807Z","last_seen":"2026-01-04T07:32:38.5807Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceb5f4f7add8c9d2e5df84d5c01893b2","sha1":"7cf2f0e3826e585a159d26ba828502fde7d4d621","sha256":"e180160993da14cf48e16ae9387167234854cb11e060a7a165090040b0ddb17c","sha512":"548a3a5c8c5c341f6e31a05434f493a48c25aaad8efd1bdd163d604d43335b22e6353fba3d88feedefef0316d1b29e1692c2c4537a06f2e669fe7000ee4c697a","ssdeep":"","tlshash":"138000e008bec030208ac000c80a0002288aaf02800220833c08032f8cc0ea0c8320ac","size":32,"data":"","first_seen":"2025-07-04T12:12:16.373177Z","last_seen":"2026-03-27T05:50:39.471525Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/mob.html","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb592fbec479fcf86b148138d910bb35","sha1":"45ce0041ee6d4eee4ad3631c79803cfbe0dc48dc","sha256":"544e26b4c403cd52e0df7ab03a923a311ccef4a1d94b936dd6b566488ff9abd1","sha512":"2695d92d187d48260309cc4567d303bc8891bb5c63a475327a52efdd0b2011d2103deb942f81be5efc25f0acb9698035821c0fdde85d4d37bbf42ce219606a0c","ssdeep":"","tlshash":"2df09eef1b121525af8fc68b173f3a15a59da10f5881df09742dd1021fe0f6c222b9d4","size":493,"data":"","first_seen":"2025-12-17T23:26:10.099061Z","last_seen":"2026-01-31T13:21:21.717068Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/template/oedy9.com/asset/js/wntheme.js?v=1767511935","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"60bdf4117f35d4dd14feb178af7f4c71","sha1":"2003798e6f9a60edb5374c3b01cdbaff9c649cbb","sha256":"cad017f5b61569bdd35060b114147c285cf6d8d2d4237cd5a3ad15eb736ff2b8","sha512":"d565b2537616ff17cfd333d605802b6878a14da23cc01af885de63c6ded24e5b390a278893abb20e859264986c28a1ea6cd6b3b32d278e281ad703f4b40959cf","ssdeep":"","tlshash":"3841e153dabe4c42622f40865656f4e8732c947300739eadf28c70a95f8c86e035eb79","size":2236,"data":"","first_seen":"2025-12-16T20:01:54.266129Z","last_seen":"2026-01-31T13:21:21.702953Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"introduction_type":"Function","is_inline":false,"md5":"59123f30876c48e66203fc5b7538ef80","sha1":"5d4803d6fc7ad094b9f8f0471a1dbea3bec2bc1e","sha256":"00005af008c2ee798150cfcfdd4ad6ea4a4331ed78b720ed9ead94b81440b1b6","sha512":"77c61ebec8c5c3d26a5ea276c48852a4c58e141cd213fed84451dfe1bd35ad2145d50d52ec8ccf910882be03e6f38b9eb8b00537766aecf03d65821dcef9d797","ssdeep":"192:4A1bWeJfwMyGwQfu0ZMl6k/LTX8TWj+2Ln:4OWAxluAk84","tlshash":"2ee1093ccd276e27ca65369b9dda108c66b05a7221c5fef2945d9590006fc9a037cef8","size":7114,"data":"","first_seen":"2026-01-04T07:32:38.583048Z","last_seen":"2026-01-05T01:09:47.942253Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/template/oedy9.com/asset/js/home.js?v=1767511935","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"44dfc073c5c3247fe10076e31bebd0f8","sha1":"d3182755b5b6ed5766746a53c85749588aca1ada","sha256":"a7bc246afae2c42df0dc4abd2703271cbeea5cdbbdb1d314e34937579b4e17bb","sha512":"e4dff093c15fc6a16f9379f73d67ce9fddd776bebde48b9bac9f0c4310c9b24563a9d002bd91ed4e5d3d09037e10d03350b6196a2c134e7812902f6ad2b82d1a","ssdeep":"768:hR0cTTu8eIbZLbhpa6aEb7z9SsbhbeA5gr9GpSo5E7Iw4TQv5:hRZXdep6vRpG5","tlshash":"3c03a45d7af3142050b3317a4fbf69082276815f190ddd88fe2d11a48fc4a4eba66bbd","size":38346,"data":"","first_seen":"2025-06-30T06:03:39.440742Z","last_seen":"2026-03-27T05:50:39.456969Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/template/oedy9.com/asset/js/jquery-3.3.1.min.js","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-09T13:25:00.153228Z","times_seen":119827,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"dbcd8f29592548b53ea78d42e1071361","sha1":"5e7f77f14f6119ddb7e55ffada43ce72f30ee44a","sha256":"e4d6fcc951d060b75c62051239799bcc59d1968272aeb3aeebc25d370ac8d3f8","sha512":"a003cd0acab5e5aef36b8d8a58099fb17dff354135d892f195b6682806e9e5cba024d5227896dbb73634573953d45636f26e6a6f13b8252f6a1c2d660b083ec3","ssdeep":"","tlshash":"5cf097bf5c41a6586aeb28ad97abd649c06f1068140fd803a5d5c4cd2c3cfc8042134c","size":493,"data":"","first_seen":"2025-12-26T18:39:19.839111Z","last_seen":"2026-01-17T12:55:12.55872Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"cafa5b002cbbbe70940abf956a8c884d","sha1":"aa465b0ed57e29bcd4b7be6370976d7754c7011c","sha256":"5b8d90cea924949f9a763d28d6f4fd357a7e22c3eb8e59adcbe89f52d5085b7c","sha512":"590c11b3c82358dfdedf89c057d3f5933c1118b746e24386c249aa0953bdeed1cbc1c1ebc085c3d47dc566e2217b1a8f72dd0fd506570a4cfbbd17b241a58a86","ssdeep":"","tlshash":"fce0721a30c2403a12b348ba33f7910a2662370fc48ecb127a9fc4a62f24ca50506a4c","size":309,"data":"","first_seen":"2025-12-26T18:39:19.840415Z","last_seen":"2026-01-31T13:21:21.738411Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"api.qrserver.com/v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Foedy9.com%2F","fqdn":"api.qrserver.com","domain":"qrserver.com","tld":"com"},"ip":{"addr":"88.99.85.235","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://oedy9.com/mob.html","date":"2026-01-04T07:32:16.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qrserver.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 29 Nov 2025 22:04:13 GMT","end":"Fri, 27 Feb 2026 22:04:12 GMT"},"fingerprint":{"sha1":"48:8B:D8:E9:7B:04:DB:21:21:D6:E2:66:2B:9A:29:36:2A:46:3E:60","sha256":"5E:02:1E:80:D4:76:1F:0F:AD:79:30:D1:01:CE:97:B5:D4:B0:38:19:D8:26:70:CF:51:F5:35:6C:34:E9:CD:FA"}}},"request":{"raw":"GET /v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Foedy9.com%2F HTTP/1.1\r\nHost: api.qrserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://oedy9.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 04 Jan 2026 07:32:16 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT\r\naccess-control-max-age: 7200\r\naccess-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":445,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 1-bit colormap, non-interlaced","md5":"de44117dfc1c6396b2139c7855385a6b","sha1":"eee7f4fcdd85ea01c753de719c7c2edf04480c4d","sha256":"4033e9ef0c4d5b03043140a8c80dbf4ed472d4659ae2014bfbc56af364abb3f3","sha512":"c19ac481610294b96cc27feff32dd6fc6c3fac975f8de1f46bb06ea099cfe8f5f3337f1832192197c4ebb87daca79e9b3ba559e38a41dcc69c79d208059a0531","ssdeep":"","tlshash":"f7f0b3d33b108c2b0a19b0a2bb2e0020ce72681b214d34ab378bce3646b21048c4001f","first_seen":"2025-12-17T23:26:10.098235Z","last_seen":"2026-01-13T21:50:29.324086Z","times_seen":37,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":108,"dns":10,"connect":29,"send":0,"wait":42,"receive":0,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T07:32:14.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oedy9.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 28 Nov 2025 12:19:19 GMT","end":"Thu, 26 Feb 2026 12:19:18 GMT"},"fingerprint":{"sha1":"69:7B:3D:0C:13:0E:79:59:85:79:6C:9F:CC:02:E7:C6:0C:DB:09:6B","sha256":"CD:1C:CE:88:E8:D4:C6:2F:12:8F:68:0A:04:29:1A:D5:09:16:39:90:F4:A1:9B:08:35:6D:A8:0F:8C:54:E1:96"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: oedy9.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 04 Jan 2026 07:32:15 GMT\r\nserver: nginx\r\nset-cookie: think_var=zh-cn; path=/\nthink_var=zh-cn; path=/\nserver_name_session=8e24b569a590272a9b4329bb58acd27e; Max-Age=86400; httponly; path=/\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":173646,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21047), with CRLF, LF line terminators","md5":"7c8e8071400e8bb20b872780e6c3703c","sha1":"157912fe593f2f72ab96d12355ad34c90a1451aa","sha256":"7af97e0ac051366a34ee9fb8e021ce482572d2973ef531da7eca1ebbfe894bcc","sha512":"542e526304de23839fd94eddb862449b679ef719bdb5f155915da541ffca43daee61bef03f4af56cf706f82d36e90ff46df2aff5e14dcda56ee65a397b2877cf","ssdeep":"1536:4hQjZfrQy+OXoSYs6vB1tVM3LrdX4uIyLsMeNPrPz8jC3CWCCe48NADIZRh:4hQjZfrQyDXcBG3yNPoc32p3h","tlshash":"0504e85448d159b31a73c0d63da8071cf7969187c682ae37b4bd278b7fa8e1240af39d","first_seen":"2026-01-04T07:32:38.578059Z","last_seen":"2026-01-04T07:32:38.578059Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1083,"timings":{"blocked":402,"dns":293,"connect":43,"send":0,"wait":278,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"oedy9.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/mob.html","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T07:32:15.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oedy9.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 28 Nov 2025 12:19:19 GMT","end":"Thu, 26 Feb 2026 12:19:18 GMT"},"fingerprint":{"sha1":"69:7B:3D:0C:13:0E:79:59:85:79:6C:9F:CC:02:E7:C6:0C:DB:09:6B","sha256":"CD:1C:CE:88:E8:D4:C6:2F:12:8F:68:0A:04:29:1A:D5:09:16:39:90:F4:A1:9B:08:35:6D:A8:0F:8C:54:E1:96"}}},"request":{"raw":"GET /mob.html HTTP/1.1\r\nHost: oedy9.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://oedy9.com/\r\nCookie: think_var=zh-cn; server_name_session=8e24b569a590272a9b4329bb58acd27e\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Sun, 04 Jan 2026 07:32:15 GMT\r\netag: W/\"6957ece1-8ba\"\r\nlast-modified: Fri, 02 Jan 2026 16:05:53 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\ncontent-length: 1348\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2234,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"f52e2dfb7db2d68ca3d80074efa293f2","sha1":"58e8b2a846fbdedf565fee6f3b8d9d6d6264f97e","sha256":"41326ac9a158bcdfdcf382af84cf879236f6852a40b4196aa075bde42aa3c5e6","sha512":"a88f959810a86edc12bf6bc3b259d70f381f5aa0cd809bfcb906dfdeadb5b3cc429dbaeafaa183d649cb8f9604ef401b9409b215a52f27c9f3f11acf3eae5f7c","ssdeep":"","tlshash":"2b4196d347a685267d92d8543a522f96319c9807e00bc76466b5a478cec0fa642333cc","first_seen":"2026-01-02T16:18:32.721886Z","last_seen":"2026-01-06T18:50:07.882874Z","times_seen":15,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"oedy9.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/favicon.ico","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://oedy9.com/mob.html","date":"2026-01-04T07:32:16.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oedy9.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 28 Nov 2025 12:19:19 GMT","end":"Thu, 26 Feb 2026 12:19:18 GMT"},"fingerprint":{"sha1":"69:7B:3D:0C:13:0E:79:59:85:79:6C:9F:CC:02:E7:C6:0C:DB:09:6B","sha256":"CD:1C:CE:88:E8:D4:C6:2F:12:8F:68:0A:04:29:1A:D5:09:16:39:90:F4:A1:9B:08:35:6D:A8:0F:8C:54:E1:96"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: oedy9.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://oedy9.com/mob.html\r\nCookie: think_var=zh-cn; server_name_session=8e24b569a590272a9b4329bb58acd27e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/x-icon\r\ndate: Sun, 04 Jan 2026 07:32:16 GMT\r\netag: \"6933481e-fc4\"\r\nlast-modified: Fri, 05 Dec 2025 21:01:18 GMT\r\nserver: nginx\r\ncontent-length: 4036\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4036,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8e59ad0a9aefea690d92ffc6266516c6","sha1":"f82e7a5e38ad362b54a94522fd99963bc1515d27","sha256":"fa3958fb852fab1c92b41cbb3a1ad0c4487ee1cd1ef4712e6817fab8b8fde0eb","sha512":"3b4c28339115ca408dd153651ca8a2447b50788ff8499e51986f4062a8124e3145ef0d0ee9dbc36515be338d7cd0a21e1d6eb9725e9905454911af9c6d8827e0","ssdeep":"","tlshash":"a8817e69280b2a67e7f9a51b07360117ddf1a0ad62d7a88dc909c037bdee2b73086414","first_seen":"2025-12-05T22:31:48.407286Z","last_seen":"2026-02-14T16:06:52.824936Z","times_seen":254,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"oedy9.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}