{"report_id":"4ab18130-54ff-441f-ba79-f8447ec8a24b","version":6,"status":"done","tags":[],"date":"2026-02-12T17:27:34Z","url":{"schema":"http","addr":"m.ddooo.com/softdown/213013.htm","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":0,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"m.ddooo.com/softdown/213013.htm","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"title":"catia composer r2024中文版下载-catia composer r2024(专业3D设计软件)下载安装 - 多多软件站","dom":{"size":32013,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2235)","md5":"62b1c908aba04e5e2203ae474e597cd5","sha1":"0e8a68cf739f61230dd87766fd44e60d88a4e8b8","sha256":"15ed19fea4fcbc2bbd201418d23123d5ac7caf6b94b685cc1a2b55774f83168f","sha512":"567a2836262cd301f13ac2d1825ac8d12a593c9d1d68adc41369f9a50ec6e28670cabaec0d349a5d5508fa9bf2b84fb8393a73858b40c658e8a455fec39f055a","ssdeep":"768:TJ7lR1Q0yvZJCs0kNkBlkbkpkZkW9knAn8jkJkOg5/zOILzOphzOVZtmzOeQzOw0:TJxR1Q0yv7DKAn8nBoYZtalnqn+","tlshash":"a6e275bb42a2d4072b3191c8ad16261c50c3029cdb229ee5e5dd4beefbece974d015de","dom_hash":"domhashb60c5df5ee2d229b01cb314d1f6cbcb5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"m.ddooo.com/softdown/213013.htm","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":0,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-19T17:27:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"m.ddooo.com","ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"domain_registered":"2003-12-22","domain_rank":2444264,"first_seen":"2017-03-02T06:47:56Z","last_seen":"2026-02-02T06:03:39.161853Z","alert_count":24,"request_count":12,"received_data":760222,"sent_data":5500,"comment":"","tags":null,"fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}]},{"fqdn":"img.ddooo.com","ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"domain_registered":"2003-12-22","domain_rank":0,"first_seen":"2023-11-27T08:04:27Z","last_seen":"2026-02-11T23:26:56.949776Z","alert_count":98,"request_count":49,"received_data":586794,"sent_data":22947,"comment":"","tags":null,"fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"m.ddooo.com/public/npublic.js","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ab4a6cc8f2b93010b0f8bedd60ec19f1","sha1":"c1feba4ba88f35b65f923ec32ec74bb8d86ac33d","sha256":"43f6431077c35e11e8592f80febd792006790b9bfd32b2b4cc937da940552104","sha512":"b90a72035e2a8a2d5173e22948c647e08a657834866d212545cea2b1398e3d47182f6bfc13cbab18b41dd25d925d2b3e35025ae22fbbf64128ccd271ffdd0267","ssdeep":"1536:96IzxETpavYSGaW4snuHEk/yosnSFngC/VEEG0vd0KO4emAp2LSEMBoviR+I1z5p:v+vIklosn/BLXjxzMhsSmjmG","tlshash":"a7a3f7ed73c6716243bb31ba40af610af236646a180d8410f52ce8e4bf75a499277f7d","size":104610,"data":"","first_seen":"2026-02-02T06:03:43.783812Z","last_seen":"2026-04-23T12:27:34.392528Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/softdown/213013.htm","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e51cc1a73a471a2f91103164f16e514e","sha1":"f340e77cfb4bb4c04b90ca1f4caa6cc21f942dc0","sha256":"8ae2ca455f1e9f268e568e54e963c77e4053cbbb170a2b0c91a20e1c96f95f21","sha512":"74ffeac17d2cb9942a5e69615330a8940395b181ac50fcc9c838e8adc8553890105e6577b502ae2ae94084a4de25c76fd53470649553352da91185e93cc68f16","ssdeep":"","tlshash":"2eb012c18971c051207710e0d10c48c04cf80830930cc178c28c8d7579535430821108","size":93,"data":"","first_seen":"2026-02-06T09:51:43.769082Z","last_seen":"2026-02-12T17:27:40.509318Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/public/ndetail.js","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a43c36449232059932e5fa2fe2446d49","sha1":"cd8551a0ea5a0c8b920b613d281a071bb71f9e33","sha256":"fa67b3fd8d4fd610b06fbf5edcf23cd9ff813a87ff321ab4a485201ea71d11f6","sha512":"4394a80c11ee1f36908f2c5b16b50213c68a8604661dbb530edc165300eeeccf888b536c83aaa1720649296faf30cf6b3482d4f17948fa95c243c3a1524d82e9","ssdeep":"384:qWBg3l6pee+AAc09qulC4jLyMGvCFnYM0s4fOHIu:R6lnAkc4vhNFnl0Zxu","tlshash":"d9926218f9411a664673733a5b7e4500ff6e192b8142cb14fcac59c0aff0d29b6a6f9c","size":20742,"data":"","first_seen":"2026-02-05T20:26:23.899824Z","last_seen":"2026-03-13T10:33:10.167782Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/public/nswiper.min.js","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"12b5fc80243369038dd645286a222eb2","sha1":"98e3dd136e82821a160d909e2b5652d7c755ce75","sha256":"c2f5a0be24e711bffd5030b55ecc6054de3d9a66183a319980c6b5d8f3d55ef1","sha512":"36aaea906c3625d996fb76f7c708929671ab2f6eaac0526216d5b00c0deff67fc1d648fe49011cc32f8c447f2043aad294b772a60c92fb300bd37e17dd122866","ssdeep":"1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTq:LTX73uTqY","tlshash":"4c93d66eb314f3e295d3214a675ac64162f21706b849dae830b54c4a68bcc5d03bffbd","size":96375,"data":"","first_seen":"2023-03-09T23:30:39Z","last_seen":"2026-06-18T07:31:09.188612Z","times_seen":213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/softdown/213013.htm","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"a25cb3a8ecbc1bb3d05a80d6f058b974","sha1":"c44b8c0874271014a9ff5e15d91f92782708d5ab","sha256":"1fb86b4517563c9737034e55af56fc67495f838e4f3a9c8c4dc3c43ab8f231cb","sha512":"a71f0700a2b2901158b4b694c56810e817da342e753575b0b2e4ba4f06c52ccf9581ad1d03d493f09c49cdd0c1bddfad804cc6c529f9d5a4369ee4c34cd97df4","ssdeep":"","tlshash":"ae01a55d59e6394e04476376b35e2a589cad3a8033c195cb03d83851aae0dfd3a80cbd","size":816,"data":"","first_seen":"2025-04-27T12:37:45.334521Z","last_seen":"2026-06-06T22:33:26.010904Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/softdown/213013.htm","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"9499c02ac4b9c2a9848121942af01db0","sha1":"7bf1f5ab643b23d1828092ee8d2b474de779a139","sha256":"2a9aea787b984dcb02fb4b23ca75d770ec22e393b126ef5ce1d990ae162b6a56","sha512":"2c57e9323d384db6e12934fc76523c26e7e6cf001c3478b586a9f71d58a53074dcfc44285f3f065d3a0db29004afd85d8e8da2e81582683e5c821c21752b7347","ssdeep":"","tlshash":"7851c1bc056c347e93e828d4cc97e65db1d1125959068e316dfcfe8c62e4368d9721f8","size":2573,"data":"","first_seen":"2025-04-27T12:37:45.345009Z","last_seen":"2026-03-13T10:33:10.169277Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"m.ddooo.com/css/npublic.css","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /css/npublic.css HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/softdown/213013.htm\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: text/css\r\nContent-Length: 8444\r\nConnection: keep-alive\r\nLast-Modified: Wed, 23 Apr 2025 03:47:11 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80c9b3642b4db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: i34712_c4672, i59686_c22359, i1984079_c24029, i1935839_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":8444,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"f86467d5e76a89652dc5644d7e3bbdbb","sha1":"23cce4a14417e23c5a952e721f8ed5b38578849c","sha256":"bd015f5be450b6d497d4b161e87e5c3b07e1701a6ecf04048ec2c462141ca4c0","sha512":"e2caf37ca8dbbc2d976a33c829e7ab77d19d7e300343058ce847cd3b2373968328d9ccaaea0f7b402bb3c137748a9b8b8d2a1d658f3d71c6ee0ae53f412b43e6","ssdeep":"96:ymNCauZIOzoYEZPmUefEoHTRYTVTNFMwoGTEyL3V7j9JLUkTeXhy0:6GYEPEwo8FH8","tlshash":"94024e39e7145208b632dbf43b125b5aa77601a2ab02133cfff92004728ad5d1672fd2","first_seen":"2025-04-27T12:37:45.332209Z","last_seen":"2026-04-23T12:27:34.383648Z","times_seen":24,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20240825/a13d29ffce341b488bb543d04ab764ca.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20240825/a13d29ffce341b488bb543d04ab764ca.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 7390\r\nConnection: keep-alive\r\nLast-Modified: Sun, 25 Aug 2024 01:12:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"098e5d28bf6da1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04oR750:4 (Cdn Cache Server V2.0), 1.1 PS-HND-04npN80:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_38747-54697\r\nAge: 41812\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":7390,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 128x128, components 3","md5":"d1f8b02dd447346fbfbb6012cace772d","sha1":"42b6654a271b55bd5241fe5d9ee82b458440a8f2","sha256":"422f3634b5b059cc23e29e210d52b09d5ae0c897f5a7daad02461beea030d347","sha512":"dc23a74eee6dd7d6814c828a86d4c1dcc3de66f1c3118fe4a2b57b3a2e0e067aa6280dd494dfb30496adb530da4526798408edc717ac1b38b5caf887f9de034b","ssdeep":"192:CJz5qWCY8I38zvFIgm2W8qo/Q70QWpSxR1io9ZzDm8dknvGwFR:CJz5qWCY85egfWDxWpSfVZ1kvvX","tlshash":"c5e18d0bbf91eec1c5d29b62a8fcd63550ea019209d3a36412eec5f3b0711e45a39acd","first_seen":"2026-02-12T17:27:40.46258Z","last_seen":"2026-02-12T17:27:40.46258Z","times_seen":1,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":104,"dns":88,"connect":25,"send":0,"wait":283,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250311/19294a5ab0aaafc88badab65b5078b3f.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250311/19294a5ab0aaafc88badab65b5078b3f.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 11624\r\nConnection: keep-alive\r\nLast-Modified: Tue, 11 Mar 2025 09:18:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"801993896692db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04oR750:2 (Cdn Cache Server V2.0), 1.1 PS-HND-01kDc133:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_48302-16520\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":11624,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"a9553c6148af4f058fb4347e07528d49","sha1":"cad8154db0769f13652264a81dc471d2c71edb9f","sha256":"6f020174f32747d7112e038f4500fdd108478059b8e363cea0b6e6e2fd80d34f","sha512":"48622acd3d82d83c6499cde8e159c5ccce5785d79887bfb9b4d283b47d9d1f96d3532dae57dc54477dbfb7b74de157be66e9a3c57b9936f1ce58ad1c204aad09","ssdeep":"192:WSHIIHUCD4waxs84NePCeRWbj+EzbZLt1EyHNU9mxbawj+vndTS:550wFfNePDkbxZxCc5ewj+F+","tlshash":"b332d1d7b925045e94890341397bdf014b8b4ab3136f72985afb1309f653801bf35fa2","first_seen":"2025-04-27T12:37:45.384928Z","last_seen":"2026-03-13T10:33:10.188803Z","times_seen":15,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":223,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250221/3959538cc694c5035bdc4c50dbf47f99.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250221/3959538cc694c5035bdc4c50dbf47f99.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 14741\r\nConnection: keep-alive\r\nLast-Modified: Fri, 21 Feb 2025 05:56:17 GMT\r\nAccept-Ranges: bytes\r\nETag: \"fc7aa2522584db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04oR750:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_45190-13616\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":14741,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced","md5":"faac9c28d277c5291b76265698ed9160","sha1":"b29b4443f6ad67a915b10c6b4a5b661d1530a0d5","sha256":"30c744550c238bb2a6307d2664e03f60ca59ac90572dd42fa5a771e6c5b6111e","sha512":"bb48e5bf80098a8d0da2ea5ea850af1e34cc71aabf8be28dc725c4b657ae78097a933c004210a08d2639cd4af1059c7973afe0a7990b9b7f59ba979279733c11","ssdeep":"384:FI/+5I73x21PYgdATgTEr8kIjxwcYpMzGVFBmTtuhAf:FMW83xEPYP7YkIjxgprFBcO8","tlshash":"8562bf8c70830441b3ceee34d8f1585ace1211ba476de6ec01ab6867a5553f0e7bf296","first_seen":"2025-02-24T08:12:32.384154Z","last_seen":"2026-03-13T10:33:10.176928Z","times_seen":16,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":256,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/220222/202202221410157627.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/220222/202202221410157627.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 9353\r\nConnection: keep-alive\r\nLast-Modified: Tue, 22 Feb 2022 06:10:15 GMT\r\nAccept-Ranges: bytes\r\nETag: \"803da3dbb227d81:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-046K749:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:8 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_41606-27336\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":9353,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"7a68fb9ad4889227d48e7b00dc373fb8","sha1":"bf6dc44cc8b3f3f6eac2b4092f3b4545d918e099","sha256":"4f00a1f71ca8165f77a6f266f3138ee48da91c9908dd14ef7f501ec37ab06f3a","sha512":"b3091e1ab5fcb7104cba9057b1ecb9fffda6e1f9f09952d306357ab80d937b0d3781a7f918c7c8f13f36a1dc3fce6d6d61925d48ad00a907324673bbd949b0e8","ssdeep":"192:WS7knA7qn4uoPt6h7kjfgO3rgYHPZxB9dMJ5NMjmMBF:5QnAGnsP0sYO3lPzB8NyDr","tlshash":"ab12bf4ef26cac15325cae215af0755eb4121985ffc0b996b99acc3b9db084ed18fc60","first_seen":"2025-02-09T10:20:45.349754Z","last_seen":"2026-03-13T10:33:10.190984Z","times_seen":19,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":287,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/230905/202309051926159490.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/230905/202309051926159490.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1425\r\nConnection: keep-alive\r\nLast-Modified: Tue, 05 Sep 2023 11:26:15 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80a51c8ebdfd91:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHK5pg201:2 (Cdn Cache Server V2.0), 1.1 PS-HND-04npN80:17 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:8 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_41606-27258\r\nage: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1425,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3","md5":"5ac624b00732be387b9f69fb7bee526f","sha1":"7e07f6189a6cf41680c5ab18e31e4debbe4b85f0","sha256":"10f39efd3a490ef08c911729aa7a4d20dc193ac7cc76bd68c4ca4ff08cffcbed","sha512":"2fafeea85e5cca3568d34a120491bed7d57670a188c2e92fc24ab78dd69e6cdad7efcbfa1d6530defc4c56e5f4bf1396addf3d91224187f39263cd4712a88f47","ssdeep":"","tlshash":"0721d855178222c0bc2699ba2516fd2bfbdecdc1785046953de541688a04bcc6794668","first_seen":"2026-02-12T17:27:40.465765Z","last_seen":"2026-02-12T17:27:40.465765Z","times_seen":1,"resource_available":false,"data":null}},"time_used":518,"timings":{"blocked":100,"dns":51,"connect":25,"send":0,"wait":280,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/161023/201610231437559143.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/161023/201610231437559143.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2061\r\nConnection: keep-alive\r\nLast-Modified: Sun, 23 Oct 2016 06:37:55 GMT\r\nAccept-Ranges: bytes\r\nETag: \"802362fcf72cd21:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-000-01erM87:8 (Cdn Cache Server V2.0), 1.1 dj136:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_38747-54698\r\nage: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":2061,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 48x48, components 3","md5":"5c47292fcc3d2874f9f9492dee58d60a","sha1":"d64b57621f6d9cf384e936d1005a20de12ce0db2","sha256":"5fd1209ebab5809358fe5384f31b4b23a88abccdb4deb4ade0e6fd39903c9327","sha512":"8206c1771a65f69818e4eb6df3fe2e890c0414915499cf90bc38504ecd35d3ec759dde52c479fdd107be6a5cb8c8dcd255ad1d0c5ea26f7a2f487cb1801e7144","ssdeep":"","tlshash":"8b41d71f3a124355a817d6fe868f113751f78e82bb01365ea862b5c3c490859898f92c","first_seen":"2026-02-12T17:27:40.466671Z","last_seen":"2026-02-12T17:27:40.466671Z","times_seen":1,"resource_available":false,"data":null}},"time_used":504,"timings":{"blocked":97,"dns":62,"connect":25,"send":0,"wait":258,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20240911/00ba0ce3700f21fb1ec838a9fffb3a65.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20240911/00ba0ce3700f21fb1ec838a9fffb3a65.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 11796\r\nConnection: keep-alive\r\nLast-Modified: Wed, 11 Sep 2024 09:25:51 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80b9d5972c4db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04oR750:11 (Cdn Cache Server V2.0), 1.1 PS-HND-01SaS134:15 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_45190-13624\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":11796,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 128x128, components 3","md5":"76aab53c74aac8f8c2a0abf9513d3929","sha1":"bfb5545f659983a304734991b0314efaf0f55a08","sha256":"9bef955a62f56f7a979413c36d03447088df7b84da1a1ee63341db560a195bf0","sha512":"802beacfd7cc0e8b224b9a413f5eef06025fbedd583333666e517885ee6f2a0a9ca06614142c5ff5240ddece6aab5b4a202dc61a6765e162c6af2c96a04559f7","ssdeep":"192:zw1KyCdoJJfVyw/0RJLTttYnfsjbxAalsx8b9RKale6+5D4SkiOX:0syxrYw/0RJLTtCnfsjbxbqGb9RKaw5Y","tlshash":"1d32af449a539bd6fb1c34792571562fdcc84f4286f7b87604c60cc5ba8061b06d7ede","first_seen":"2026-02-12T17:27:40.467551Z","last_seen":"2026-02-12T17:27:40.467551Z","times_seen":1,"resource_available":false,"data":null}},"time_used":992,"timings":{"blocked":965,"dns":0,"connect":0,"send":0,"wait":25,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/softdown/213013.htm","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-12T17:27:07.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /softdown/213013.htm HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:07 GMT\r\nContent-Type: text/html\r\nContent-Length: 12556\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nLast-Modified: Wed, 11 Feb 2026 10:33:52 GMT\r\nAccept-Ranges: bytes\r\nETag: \"06847ea419bdc1:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: i27269_c14934, i2103123_c28197, i89830_c26665, i1935889_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":30050,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"6782801534b2c209f977cfc1075ebf23","sha1":"ac7a58415b114e4495427f3b611c4a3c34b35cb4","sha256":"7de3bdc8bfc8c2ff49c12bb93860fa15a92858293f7ca004fda640c680de2b50","sha512":"d9d4f17d8772db22e2b8eab85a4148c46f594e83e6a58e46aeea5b457ea146a517fc69baf32b8e5554126f591b00f2b5c53f7e312f03775d89effe4f083122f9","ssdeep":"768:+Q/9RsVqqzxC4XOWON6OCOAO0OWwOqpQTjOmOmGinzQygzQRszQOQGmzQZ9zQzzr:+QlRKqq9jSpQTJZtOQGr87z","tlshash":"efd253b742b2ec072b7291fc5016221d90c30388ef139de1a5da0b9ffadcd964d625da","first_seen":"2026-02-12T17:27:40.468483Z","last_seen":"2026-02-12T17:27:40.468483Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1530,"timings":{"blocked":694,"dns":581,"connect":23,"send":0,"wait":142,"receive":1,"ssl":85},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250120/59558d4a797127e8cd38f90c3a0d80cc.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250120/59558d4a797127e8cd38f90c3a0d80cc.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:10 GMT\r\nContent-Type: image/png\r\nContent-Length: 8098\r\nConnection: keep-alive\r\nLast-Modified: Mon, 20 Jan 2025 07:30:09 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80d63122d6bdb1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04JlJ51:9 (Cdn Cache Server V2.0), 1.1 PS-HND-04npN80:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_38747-54808\r\nAge: 197\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":8098,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"094d817fdd9f7ec97f7e3081e1994680","sha1":"8c2204cd779abf20e218931e71d88d9dc22e5e2b","sha256":"45d7f84a66b6be715acf236f863f09e8d07d67d2ca751c99e013963dd6c14ac1","sha512":"b115704085e55aa7b6057f0c12821784cb283edada1b2aa19fbe711577296c3b6217f51ecc712f388d6f3cb45ca24d6323634775f79925b0e47a1936ddfea899","ssdeep":"192:DS27knbHWHBHgH1o56dgrkzvMiIwFBHg8K3gtRT36AD5jt4rPLu:22QnbHWHBHgH1K6dgrkKwbAOtt3tVt+6","tlshash":"2bf19fad5f72a4c1228426cd5fb81c66dd3252914aaa79a9dd5ca80ad0202fdc7ec0da","first_seen":"2026-02-12T17:27:40.469303Z","last_seen":"2026-02-12T17:27:40.469303Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1746,"timings":{"blocked":1463,"dns":0,"connect":0,"send":0,"wait":282,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/180712/201807121710396268.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/180712/201807121710396268.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:10 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3368\r\nConnection: keep-alive\r\nLast-Modified: Thu, 12 Jul 2018 09:10:39 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80d18e33c019d41:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ld122:5 (Cdn Cache Server V2.0), 1.1 dj136:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:18 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_4745-22908\r\nAge: 37946\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":3368,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 96x96, components 3","md5":"e1a5d566483daa2e4d54bc108ae6de1e","sha1":"61fdc3b4775cf30346bb47d7fdca311dced92cd7","sha256":"356142d613ea06fefcf8912221a5326a8896c7a0aef637d8c96be3ea795760ec","sha512":"6edb7883fd83155dfcaf01032df6e3ebcfecd34265a2b0e82c8abddf882adda51dbdcb85a68785542f21697603deb7395243052329aa17754739a423a0518acf","ssdeep":"","tlshash":"bb614b87d827b116eea8693710db95af05a99cb5ebe2fc0674c4c36904294b4cd2d384","first_seen":"2026-02-12T17:27:40.47023Z","last_seen":"2026-02-12T17:27:40.47023Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1861,"timings":{"blocked":1604,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250214/1f2c3c431fd0b90b22f7efd5ec2a9579.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250214/1f2c3c431fd0b90b22f7efd5ec2a9579.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 21763\r\nConnection: keep-alive\r\nLast-Modified: Fri, 14 Feb 2025 01:23:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"bd9fb97f7edb1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-046K749:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_45190-13615\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":21763,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"826e4c952927ef07e07b8a740b5717b0","sha1":"1fc99e32060170b18b71cf7ce8b3dc01837c7b63","sha256":"616436a8a6331507ff317e55f71bfe841db865e85e2978bd7ebe9f770a47fe09","sha512":"1c777fca80f9e7684c50d97754154126645953208d30d8114940234bad938efbd920e47fd875d2d84d28ba69ca8c0d84184ee21779435f139ab8f4394123d055","ssdeep":"384:550wQSF/3hNkn/JOC7MGBUO5zUPCGWLsOGf65ky10hGi4e0UcQFdiMcq2T7dWB:LPF/XI/gtGaO5zUqJsOGf65XeYd9QFsq","tlshash":"b2a2f18c03c2d545bc8e0a51d16fca428eb6dbe56bc4a62cbef711af1c48fb4744b522","first_seen":"2025-02-24T08:12:32.390196Z","last_seen":"2026-03-13T10:33:10.172565Z","times_seen":16,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":237,"dns":0,"connect":0,"send":0,"wait":25,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/public/azlist.js","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /public/azlist.js HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/softdown/213013.htm\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2573\r\nConnection: keep-alive\r\nLast-Modified: Wed, 19 Mar 2025 08:20:37 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8078fbcaa798db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: i31183_c27733, i59682_c22361, i1984079_c24029, i1935893_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":2573,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2573), with no line terminators","md5":"9499c02ac4b9c2a9848121942af01db0","sha1":"7bf1f5ab643b23d1828092ee8d2b474de779a139","sha256":"2a9aea787b984dcb02fb4b23ca75d770ec22e393b126ef5ce1d990ae162b6a56","sha512":"2c57e9323d384db6e12934fc76523c26e7e6cf001c3478b586a9f71d58a53074dcfc44285f3f065d3a0db29004afd85d8e8da2e81582683e5c821c21752b7347","ssdeep":"","tlshash":"7851c1bc056c347e93e828d4cc97e65db1d1125959068e316dfcfe8c62e4368d9721f8","first_seen":"2025-04-27T12:37:45.345009Z","last_seen":"2026-03-13T10:33:10.169277Z","times_seen":15,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250305/31a89c3b840b58fd385104a6c238f3e1.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250305/31a89c3b840b58fd385104a6c238f3e1.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 17271\r\nConnection: keep-alive\r\nLast-Modified: Wed, 05 Mar 2025 06:06:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"01b82ae948ddb1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-046K749:5 (Cdn Cache Server V2.0), 1.1 PS-HND-04npN80:14 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_38747-54766\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":17271,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"0620aa10835e6f5c3b7cfd6aef7912d5","sha1":"8d1bd920834d873a0a54b254448d9b87a0cd8e3b","sha256":"d3a0ad41156b2478c61599db9998c75f9d2dcee508fc951d3663216d99bf61ba","sha512":"89c859a3b85c437b91c98ded2030c99110029021d5632e899ae85c170bba4a541a4cc44b3d82f6342cc601e3ca2d8d943249f234e2e0f80122019e35f1114097","ssdeep":"384:550wZ2zuFPfDHfIaLA5uU6OX56prz2E/9yY/7gWbHC71dCftrpcLHliDAmD:Lb2KK5uU65f/n0cHC71dfLFwD","tlshash":"1272e1d4e89f02aed24b81d92df7ad01cd27774ac3d04d184e51f78fd624a19d52a38a","first_seen":"2025-04-27T12:37:45.373593Z","last_seen":"2026-03-13T10:33:10.182089Z","times_seen":15,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":271,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20240325/4e151334cabe2774c03c357b93e399c6.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20240325/4e151334cabe2774c03c357b93e399c6.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 9029\r\nConnection: keep-alive\r\nLast-Modified: Mon, 25 Mar 2024 08:26:52 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0ae33308e7eda1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ef124:9 (Cdn Cache Server V2.0), 1.1 dj136:14 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:8 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_41606-27340\r\nAge: 37068\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":9029,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"576a8ed8893747d7b871e1b94bfc3f78","sha1":"8cd8ebbcd675fe338ba790637f7f52f52c504191","sha256":"d7794a0337317e0df135c11679a7b13b83823ba794fa3d66b22949a897ac8e5f","sha512":"3dd9a390f9fa413f54a930b47adf179f1cbf07a0b2a8df6e1e5afb6aa5a6965cd30bc218695541136b9320f55a180bad7522fd0a922a29756fcd4a692bc71bd9","ssdeep":"192:WtHlGiAC39sJZnCSK5jF255IlgOByuYz7+yIZ4Dt:WlGotMCSK+55hOaz7OZ+t","tlshash":"db12be16c11c246d4e0872ce1bad6f634bba8f55892070109b4fe0fd6e1856bdb8fb79","first_seen":"2026-02-12T17:27:40.473847Z","last_seen":"2026-02-12T17:27:40.473847Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1233,"timings":{"blocked":972,"dns":0,"connect":0,"send":0,"wait":260,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20240131/3ff9ee634672a6073e2b2dcadc767a27.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20240131/3ff9ee634672a6073e2b2dcadc767a27.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 10720\r\nConnection: keep-alive\r\nLast-Modified: Wed, 31 Jan 2024 06:26:19 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80f7b066e54da1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHK6jx68:5 (Cdn Cache Server V2.0), 1.1 PSrbJP1ty77:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_48302-16568\r\nAge: 37945\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":10720,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2018:04:26 15:07:41], baseline, precision 8, 120x120, components 3","md5":"8323c18608ac5dd996f2f1b60892ed6b","sha1":"5951d1e88bb1d50f08d9d5a14d258512caec7d45","sha256":"a7d2638b9f9efeae9a576906a60ab7276cbcf2b1ec90af15d0204128b875a9e4","sha512":"60d8b4a6ae2683d014493153c17561d667f89350edaae8ca89d30b502bfa64ee6414e9b3cf6eca18863c61d0aabaa4cf683b3197f626f3f48ca54f63c4c5d76b","ssdeep":"192:X/09nCRnr8y4FLKK/09nCRBkn5I8NcU4Ah8fYQealvyLMz:89CBPCs9CEn5I8ShAiQQvygz","tlshash":"6222282aff84ce61fac41276e594c687db01ad94a3e32643b84c3a41bf323d05c2c693","first_seen":"2026-02-12T17:27:40.474602Z","last_seen":"2026-02-12T17:27:40.474602Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1704,"timings":{"blocked":1452,"dns":0,"connect":0,"send":0,"wait":251,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20240814/e68f7baac6963f84411462f479ac3068.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20240814/e68f7baac6963f84411462f479ac3068.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 8995\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Aug 2024 00:43:14 GMT\r\nAccept-Ranges: bytes\r\nETag: \"03daf2e2edda1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-046K749:0 (Cdn Cache Server V2.0), 1.1 PSrbJP1qr80:14 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_38747-54762\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":8995,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced","md5":"75069243d0fc75e0364046b522bb643c","sha1":"9efe5fb49a6c54bd0e71e1c9923d83695eedbaa6","sha256":"2d3ba603e7199a5248f305337a02054fc772b81e3ffeeb20ecabf8d6829a6c95","sha512":"98f00a94aa6e9303501e2599d92a4594b96963fa04fa780e8f36325edd7de6a35db6ba9d36b16078d59692a66a8da9dbbbeb7ad748de2385f52fe9ae3756ceb0","ssdeep":"192:m32v6Usvc/LWoCKKqpcH1BHByOFlSa1S5gz8O0J36asB8pTP0Nm5:m32v6Lve7CLqpcpxFlnSiz8O0J3Q8pA2","tlshash":"3402b0e6f19d9cde07a8fb5c243dcb5790ec3b54511864fbb9410858df2712805aa6cb","first_seen":"2025-02-09T10:20:45.355124Z","last_seen":"2026-03-13T10:33:10.182704Z","times_seen":19,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":236,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/180126/201801261713399760.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/180126/201801261713399760.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 2136\r\nConnection: keep-alive\r\nLast-Modified: Fri, 26 Jan 2018 09:13:39 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8063dcf38596d31:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ld122:14 (Cdn Cache Server V2.0), 1.1 dj136:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_38747-54726\r\nAge: 13892\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":2136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGB, non-interlaced","md5":"59f72188a1d6ed7409b026767112623a","sha1":"d6c53b960ad3de445762b6e7aa1e7c22dd022ec2","sha256":"7e4c5f9e61b2850fa0a3c21bcc2924a27640e9fa1fe610b2428a69dbb704b18a","sha512":"6b133fd12663f66e5f27e89e7168e67c17ffcc0918c8d58dbbd627f7541cfbdd21fd0a49e6da56cd3d65e7d9a946fe548e29ceacfb6de91ffc5811205526a7cc","ssdeep":"","tlshash":"3b411ce6e3cc762bc1a15f533aa94b08dd3115b8f23456446119a58147b1d25f3652d3","first_seen":"2026-02-12T17:27:40.476393Z","last_seen":"2026-03-20T23:33:49.748747Z","times_seen":2,"resource_available":false,"data":null}},"time_used":666,"timings":{"blocked":409,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/public/nswiper.min.js","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /public/nswiper.min.js HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/softdown/213013.htm\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 96375\r\nConnection: keep-alive\r\nLast-Modified: Sat, 26 Aug 2023 07:47:26 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0bb618ef1d7d91:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: BC102_US-Colorado-Denver-1-cache-1, i1984081_c24029, i1935945_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":96375,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31999)","md5":"12b5fc80243369038dd645286a222eb2","sha1":"98e3dd136e82821a160d909e2b5652d7c755ce75","sha256":"c2f5a0be24e711bffd5030b55ecc6054de3d9a66183a319980c6b5d8f3d55ef1","sha512":"36aaea906c3625d996fb76f7c708929671ab2f6eaac0526216d5b00c0deff67fc1d648fe49011cc32f8c447f2043aad294b772a60c92fb300bd37e17dd122866","ssdeep":"1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTq:LTX73uTqY","tlshash":"4c93d66eb314f3e295d3214a675ac64162f21706b849dae830b54c4a68bcc5d03bffbd","first_seen":"2023-03-09T23:30:39Z","last_seen":"2026-06-18T07:31:09.188612Z","times_seen":213,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250214/e4d2487b90f74da35ecf57f270e86e78.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250214/e4d2487b90f74da35ecf57f270e86e78.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 32281\r\nConnection: keep-alive\r\nLast-Modified: Fri, 14 Feb 2025 01:06:19 GMT\r\nAccept-Ranges: bytes\r\nETag: \"807792a77c7edb1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-046K749:0 (Cdn Cache Server V2.0), 1.1 PS-HND-04npN80:17 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_45190-13618\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":32281,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"8a28c6d7ffa4989f83e0a71cfa8d5bf9","sha1":"c74904945262babe829097e728219e13fcdf7e94","sha256":"e74791cbdfa92352949095f4d432ae6649ac323fbad2026fa137629a2527d666","sha512":"2988996491a638fba5eeb8153db86b299175b0f3b585e99311b00954ec11127832bfb15c872a6f1815fea05bef2036090d3e9b9607d34ea7ad613728d42e3ad2","ssdeep":"768:LJYIIGIbFRwa7xwDlUqPnBhEu4j7LroMBMFKPkri:FYIIG8FJxwDlUq54j7H8ok2","tlshash":"2ae2f18e5393e003ae8bfd5454f0ec498446eaa4dbdf3b68ad7ab25307046ca1791e19","first_seen":"2025-02-24T08:12:32.468837Z","last_seen":"2026-03-13T10:33:10.190485Z","times_seen":16,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":277,"dns":0,"connect":0,"send":0,"wait":26,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/favicon.ico","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:10.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/softdown/213013.htm\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:10 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 5430\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Jul 2023 07:34:20 GMT\r\nAccept-Ranges: bytes\r\nETag: \"02695c780add91:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: i89820_c26665, i1940231_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":5430,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel","md5":"32da0623ee4cc6ec0fee716973dc81a7","sha1":"3b1260e6a50b01a11b3bd1585fc320749f9ef4fd","sha256":"dbe91a942966b2170729bc672c277322a5550bd65ccc3dc98e0b07ce904a10de","sha512":"d3888fd8cc6e72b10c515cc93976608f9e531719ba22c3014ac70fe3a571682b9ed95a06d507d1ba49fd7cb17cc14d1ba1efdfa1952105e07ba7db621b6afcd5","ssdeep":"48:As2dKjmRjCjjgZYjjzAkR2hU8n2jXH9XCArBY1kWrJwUhUh6bwpmFDWiUc1Hruai:MdVxgzH9XhpkyI5RuIOfNea","tlshash":"39b17442c941c4b8c6e33664e155baf83e468d6ae534e4fb2e6d7f5cbf762000339942","first_seen":"2023-05-18T10:56:04Z","last_seen":"2026-06-11T06:30:43.093943Z","times_seen":109,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250325/544aefffb697c5cfc5b7c8f5ffd61f1a.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250325/544aefffb697c5cfc5b7c8f5ffd61f1a.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 14289\r\nConnection: keep-alive\r\nLast-Modified: Tue, 25 Mar 2025 02:32:31 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80496f282e9ddb1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-046K749:1 (Cdn Cache Server V2.0), 1.1 dj136:14 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:8 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_41606-27290\r\nAge: 13892\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":14289,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"fe1b2d3d2f9cde655fef1c76f9028b4f","sha1":"7c05351c07b30199ff5eaac6b1e083b12c4e89ea","sha256":"04067e6a1828a0f4b3499716d68f6039fdac7814fe2b765917aaa1993143a0b8","sha512":"7271469e6e5c04461b54c10b4092a380648a284ed31302012dba3ac1373defb2f6a54fc744378a4c09c0c507bb5d9a546fcfa2b4ed79e032a03d4ee28f4c33ad","ssdeep":"384:jryLLgysBzcITAOqsFnJ5KutBoRamupHVSPVp8G7GtLmWfO:jry7sjsboKsBoAtpHftiWfO","tlshash":"4d52d0b6d833291f85e29670533f078f6b643ac16bb692dad3c8d0813ecbc41db46589","first_seen":"2026-02-12T17:27:40.478518Z","last_seen":"2026-03-20T23:33:49.280172Z","times_seen":2,"resource_available":false,"data":null}},"time_used":672,"timings":{"blocked":410,"dns":0,"connect":0,"send":0,"wait":260,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20241210/b80710aa84d20f842a58fa3a26e71338.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20241210/b80710aa84d20f842a58fa3a26e71338.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 13131\r\nConnection: keep-alive\r\nLast-Modified: Tue, 10 Dec 2024 08:58:19 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80758a8e14adb1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ld122:4 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:8 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_41606-27359\r\nAge: 37015\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":13131,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"dd4c7e3df0feb221316c8d7a3e599ca8","sha1":"595c42a15388a4e347a5ad448290f09925c34a65","sha256":"18c18b74dc60d1c275677b8122ff4fcdd9e0f9f86bff38b4c75e681b75f73dcd","sha512":"90b6baa643b424e087e1eb2a3a78933ab7fa1d59537b6b34d1cc9f4b8d924f6f871ae6f622a59ffe51f56c5f1cb832122676fb08ad74feafe31908e975380d4a","ssdeep":"384:iMUYY0MBX1kJFvo7Icip/nTlmBjRhl9OY:tBYbX2JC7I3lmBB9OY","tlshash":"7c42d0717bca8487670ed1093461fa649df923df115c105864bf319adc2e87fc706a64","first_seen":"2026-02-12T17:27:40.479306Z","last_seen":"2026-02-12T17:27:40.479306Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1487,"timings":{"blocked":1227,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/public/cnzzt.js","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /public/cnzzt.js HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/softdown/213013.htm\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 816\r\nConnection: keep-alive\r\nLast-Modified: Tue, 13 Jan 2026 08:57:21 GMT\r\nAccept-Ranges: bytes\r\nETag: \"802e98a06a84dc1:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: i91588_c28775, i2475963_c28821, i2020957_c24821, i1935869_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":816,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (816), with no line terminators","md5":"a25cb3a8ecbc1bb3d05a80d6f058b974","sha1":"c44b8c0874271014a9ff5e15d91f92782708d5ab","sha256":"1fb86b4517563c9737034e55af56fc67495f838e4f3a9c8c4dc3c43ab8f231cb","sha512":"a71f0700a2b2901158b4b694c56810e817da342e753575b0b2e4ba4f06c52ccf9581ad1d03d493f09c49cdd0c1bddfad804cc6c529f9d5a4369ee4c34cd97df4","ssdeep":"","tlshash":"ae01a55d59e6394e04476376b35e2a589cad3a8033c195cb03d83851aae0dfd3a80cbd","first_seen":"2025-04-27T12:37:45.334521Z","last_seen":"2026-06-06T22:33:26.010904Z","times_seen":80,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/200721/202007211330171184.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/200721/202007211330171184.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 4406\r\nConnection: keep-alive\r\nLast-Modified: Tue, 21 Jul 2020 05:30:17 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80ba504205fd61:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04oR750:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_48302-16519\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":4406,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"f4b816ca7040cad2f62acbd8d66b2c0e","sha1":"3150df508214940323525b83d93d241e7d426828","sha256":"c952c59db981165c60ddd611a15f9fc4c4ab49c544cfd8e697da32b23018ae61","sha512":"4a940d8e3c4cad515ec8dbde2ee8a9f8778b6d0f32eec94ed1dc4486a6cbcd949bdba9b4baf884325636c9dd83d980d2804bdb39983f550d60da661114e88e91","ssdeep":"96:SY2gSE0ikbUqSKDwY/NqsHdftzgMGRcFC0gvi9:SS0oqRkYVHRmPcspi9","tlshash":"18914b95ae8a3c52c6c8b02008c1443a0b6bae1adb65f67a6d89fc171e7d0b095195df","first_seen":"2025-02-09T10:20:45.345572Z","last_seen":"2026-03-13T10:33:10.193412Z","times_seen":19,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":207,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250902/4daac04c83d053da1c1f02d35f58cfa3.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250902/4daac04c83d053da1c1f02d35f58cfa3.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 4439\r\nConnection: keep-alive\r\nLast-Modified: Tue, 02 Sep 2025 07:42:52 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b6da1f30dd1bdc1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04JlJ51:12 (Cdn Cache Server V2.0), 1.1 PSrbJP1ww66:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_38747-54749\r\nage: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":4439,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"8e99e175cc04b24d72a609fd349ce333","sha1":"25d3c95c44323cdbb0bc46ecba38fd792e1d51ce","sha256":"931404f4af483581f912ae053bdd1a397db72fa531e447911c72a4aa04269349","sha512":"5d5af87bf63b6401faf1b9de6a61a1b2790f0427d2fe4c8b16298104bba09c33a41e337f6dda18e25ed64b27347eb12185c91f57360eb95c3e7da51e7ba12a33","ssdeep":"96:6B09aPbZkA/RPi4qeQL8yWJP2In8tLE+0dtNGd4TD2lEUAeEa7S:6BSA/8VR8PJPB870dtNZTD6pvr7S","tlshash":"6f917dd50f2902389954fc5ec5b7d9431f5374459aad6076c13afbdfba1220b2894fc4","first_seen":"2026-02-12T17:27:40.481648Z","last_seen":"2026-02-12T17:27:40.481648Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1150,"timings":{"blocked":655,"dns":0,"connect":0,"send":0,"wait":494,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20251025/10617ad76d48790dc6bf67787c4c1ccb.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20251025/10617ad76d48790dc6bf67787c4c1ccb.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 16079\r\nConnection: keep-alive\r\nLast-Modified: Sat, 25 Oct 2025 02:52:35 GMT\r\nAccept-Ranges: bytes\r\nETag: \"6b1c7e6a5a45dc1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ef124:7 (Cdn Cache Server V2.0), 1.1 PS-HND-04npN80:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_38747-54785\r\nAge: 18417\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":16079,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 128x128, components 3","md5":"4d6c85f52bfece4be4bb30b0caaeb504","sha1":"4ff5cd55d4989e852582ff8dd4d1f6f8742b5fa1","sha256":"8bc57bc546eddee6eaeddf72a8739c61721a79acf5aced08f61b175284d15741","sha512":"f866f6323dde067dee888e2233cba1ccaeaee6c6b4862beb67f88d69550a91ad7d98b24fdbdc3e8ba886a18a894101fe099d6e01936fe4c41f28450f28e3f180","ssdeep":"384:8Imi3Yqa6pUq3n0gdcQmTrJMIGwDH7LRoxIUSPgbbYhIlxWYuIwR1k:Vmioqa6mq30gBoFMIGwDHRouOHYelbwI","tlshash":"2672bf1e0783b86fa05f59563de6105076bd8b83ce8b893b72944488c1de7fd86d85c6","first_seen":"2026-02-12T17:27:40.482504Z","last_seen":"2026-02-12T17:27:40.482504Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1410,"timings":{"blocked":1124,"dns":0,"connect":0,"send":0,"wait":284,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/public/ndetail.js","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /public/ndetail.js HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/softdown/213013.htm\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 20742\r\nConnection: keep-alive\r\nLast-Modified: Wed, 04 Feb 2026 08:20:04 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0925310af95dc1:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: i37222_c28455, i33333_c22361, i89820_c26665, i1935869_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":20742,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (457), with CRLF line terminators","md5":"a43c36449232059932e5fa2fe2446d49","sha1":"cd8551a0ea5a0c8b920b613d281a071bb71f9e33","sha256":"fa67b3fd8d4fd610b06fbf5edcf23cd9ff813a87ff321ab4a485201ea71d11f6","sha512":"4394a80c11ee1f36908f2c5b16b50213c68a8604661dbb530edc165300eeeccf888b536c83aaa1720649296faf30cf6b3482d4f17948fa95c243c3a1524d82e9","ssdeep":"384:qWBg3l6pee+AAc09qulC4jLyMGvCFnYM0s4fOHIu:R6lnAkc4vhNFnl0Zxu","tlshash":"d9926218f9411a664673733a5b7e4500ff6e192b8142cb14fcac59c0aff0d29b6a6f9c","first_seen":"2026-02-05T20:26:23.899824Z","last_seen":"2026-03-13T10:33:10.167782Z","times_seen":16,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":1,"connect":23,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/220323/202203231615527017.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/220323/202203231615527017.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 24494\r\nConnection: keep-alive\r\nLast-Modified: Wed, 23 Mar 2022 08:15:52 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0ec4368e3ed81:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04oR750:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:8 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_41606-27333\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":24494,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"f72b506751d48520c19d76ed96673e08","sha1":"56fe41f514d0c6b6061fb4013a62b81301079787","sha256":"c17b5651019609531f2248d718e399f86d05e904bf7210ce8ffce7e8c046938a","sha512":"8effc5ca4fa131f69ad3a91a36d6f510cd0907018bebd0d363a135c8e671a05d7f239d23c87a7ced6d525c5f434c3418e57ccc4301dd0ca103667d7a6e227314","ssdeep":"384:550wsMH9gMTC+E8zRFFKdfomrT33IXUaEU6lmGwhsgrij2KnPNQEo/XrrJ7VLxEP:LaMdvTlE8zRFQXrTHIX5E7qr82KVQT/6","tlshash":"11b2d1945a514fc906c723b63257080d8a3b128487e0e94d32bfc36bf326b1e7747769","first_seen":"2025-02-09T10:20:45.35842Z","last_seen":"2026-05-30T22:50:50.565195Z","times_seen":23,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":244,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20240226/19ced691df9235f0f380522de90af36e.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20240226/19ced691df9235f0f380522de90af36e.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 21793\r\nConnection: keep-alive\r\nLast-Modified: Mon, 26 Feb 2024 03:18:22 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0d3d0736268da1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ir123:2 (Cdn Cache Server V2.0), 1.1 dj136:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_38747-54801\r\nAge: 197\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":21793,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"2540b70667f8799331ba490985f69327","sha1":"54aa9bb0f1fc9a2d7cb07251b4202a8fabe40c90","sha256":"00779a4b35a7b40ef9e11b06391c63a9d815ace1957ed4a22c9a7b837fb3e346","sha512":"42fd05aa8de1190e343f4f9eb65b71d21f0044f64ed89e91d97a138f719f8fe5f2310a864e08fafcbd3ef62c5f2d11d12e8c1b1f3001b29049e10343bdbc65a5","ssdeep":"384:j0wjuHg2wp/M7Mp8uciOmP87h6U8EODZuVrnKEbj4y2:j1uHgU7MiucptiEIOrKEbj4y2","tlshash":"93a2e17bdc73261444020adf1c93cf8b9bdfce24e759184a697a212f2915991ff2c94e","first_seen":"2026-02-12T17:27:40.48489Z","last_seen":"2026-02-12T17:27:40.48489Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1657,"timings":{"blocked":1399,"dns":0,"connect":0,"send":0,"wait":256,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20241120/53972ea0d49f2e95b61cdf861a83a906.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20241120/53972ea0d49f2e95b61cdf861a83a906.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 9746\r\nConnection: keep-alive\r\nLast-Modified: Wed, 20 Nov 2024 00:59:28 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0581273e73adb1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04JlJ51:4 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_48302-16523\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":9746,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced","md5":"c55ce2d1752b7809c0e0804c972b9a59","sha1":"854a7e822b43491581fb73c402351d6579d66085","sha256":"1531ddab326eab238c725e6c596be58138bfc9c5c33a1d9f077990583bd9ed28","sha512":"edcd30ca9565e52f25dd610ba92b03ad83b147a3a65badf75cb50332188a77ef9ea91a41942919737436ea5b0974b6f2921845fa79ffd0d921b1aa56219ccfbb","ssdeep":"192:+jMIaZbqb/9K+jh8bvaFTe++6UQVHQIWryHGPzH94DQluSFcOUvcC:+g/M/hGvaFTeni0NPx4wHexvZ","tlshash":"f812bf1bcfc67ea17e8a0787a0e3323f96eb5c00e260559ff8b4d86bad8e4c0554454d","first_seen":"2025-02-09T10:20:45.362421Z","last_seen":"2026-03-13T10:33:10.171654Z","times_seen":19,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":239,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250218/04a046b9c34b025e242bda73c44d09c0.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250218/04a046b9c34b025e242bda73c44d09c0.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 14138\r\nConnection: keep-alive\r\nLast-Modified: Tue, 18 Feb 2025 00:55:47 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80eb85d89f81db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ld122:13 (Cdn Cache Server V2.0), 1.1 PSrbJP1de68:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_38747-54764\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":14138,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced","md5":"a7eadd9694590bb66146d283899c507b","sha1":"7d00eb7c14e1e143931efceeb4fbc3279b701af3","sha256":"a06c23c34ed85808f8ccc55f4bb8d14672fb903c7b9cb9f5ceb8ad107f662781","sha512":"d242489d5c2cd86b929fdff6fdd68f3231ddee1c1f677af3bd6df83633e8df92a683c8a8171f2ee662dafa554f419e6f9d74e166f623ec03ff7d99e5a3a22b96","ssdeep":"192:nSHIIHUCD4waLowdb+0odmzmCKjJE/Z7bi0hqrsdcs21vRVikB1nPBDOpa8CHE:S50w8NodmzmLJmZXBFy1v/n7PB4aLk","tlshash":"b952d0894a2b197d027f65a3090bde844eb24410d1d65ca9984f46ebe7c7e8076509f5","first_seen":"2025-02-24T08:12:32.383508Z","last_seen":"2026-03-13T10:33:10.188087Z","times_seen":16,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":250,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250918/bcffcced15c306c5cfb869f4f95ce8f9.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250918/bcffcced15c306c5cfb869f4f95ce8f9.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 13616\r\nConnection: keep-alive\r\nLast-Modified: Thu, 18 Sep 2025 02:50:11 GMT\r\nAccept-Ranges: bytes\r\nETag: \"9f7fcaf34628dc1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ef124:2 (Cdn Cache Server V2.0), 1.1 PSrbJP1ww66:14 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_48302-16549\r\nage: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":13616,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"47882b81795c0a2958b85bd52ffa1e33","sha1":"37943cde07108a58653c24b03129da5aceaa4c0a","sha256":"46ffd9761327d02b280951b980ecae9352db2edc169f0a043d39ca15e81bbe62","sha512":"2d29f4e8db73e4ab925582b15b9565137195b7c249233042e1767ee6d40648bf5750d12143d1834f77c0c7fc7df52525d4ad70d78c828404bdaa4ef6c6f1a00e","ssdeep":"192:kIDDyA5yjP6G2C4zaicQgUbN8EtttNvWZFzmCHjQ95tMuHwlks2gHEYzIBeJsWEn:0A5yrMgKgU7tBWZFzi5HWFk+08A","tlshash":"bb52d0fd04ebdc5da793a233aa152523d5b23179505fe384c2b9249c8ca94223bdb727","first_seen":"2026-02-12T17:27:40.487102Z","last_seen":"2026-02-12T17:27:40.487102Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1462,"timings":{"blocked":1206,"dns":0,"connect":0,"send":0,"wait":255,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20241023/9d8602ac87d90b8e270f4e0332cf6dbe.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20241023/9d8602ac87d90b8e270f4e0332cf6dbe.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6083\r\nConnection: keep-alive\r\nLast-Modified: Wed, 23 Oct 2024 09:17:01 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80a447512c25db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ir123:2 (Cdn Cache Server V2.0), 1.1 PS-HND-04npN80:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_45190-13596\r\nage: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":6083,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 128x128, components 3","md5":"a29ccb05f36eb75d6cd57de5100e3dcc","sha1":"90ecd19070034e0f5c63d66b0c7af93861bd1113","sha256":"a144d68d07886db9d7f2f0bebfce36da525f61081c5ffce16341832eeeedacc3","sha512":"4f0d1da55795997e82a9aca3840def9b345970c5fc449f2032351bb28154dcc4a761c309c79c3b21aabe2ac21a8f69dbe263fba358b2229b7290c3b3cc165dcb","ssdeep":"96:0SK2Z+rjTKhac88K8Hq0tLCXdCIB59hTa5c/+Is48KxW6MJ7strt:rnq0xCzB59g5T+86USB","tlshash":"a6c16c14ab11b76ede8bc86410b252bad8a5a07034d9a109bdfef4b914831bcd325b56","first_seen":"2026-02-12T17:27:40.488001Z","last_seen":"2026-03-20T23:33:49.068459Z","times_seen":2,"resource_available":false,"data":null}},"time_used":891,"timings":{"blocked":608,"dns":0,"connect":0,"send":0,"wait":282,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/images/doo_icon.png","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /images/doo_icon.png HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/css/npublic.css\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 208891\r\nConnection: keep-alive\r\nLast-Modified: Sat, 28 Sep 2024 08:55:52 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0dc91388411db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: i62710_c21843, i2103125_c25795, i89820_c26665, i1935921_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":208891,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced","md5":"5a049001420ad3771a9d00ddc80fc6d4","sha1":"acc47093f007680c1ff2c9c59d4a0ec65c820bee","sha256":"b5d26a05292471c2de327daef6a9bfbc9cfde95cf4bb9a997bd0d83a69a4b87a","sha512":"9b8c49d33937f6b5ef3ae627e345af947383f5a4eb497d8d948de9ec446fafb8ec4573599a22408b4c6454d9ef94101e82860098ba771572309f44aa7ea0a327","ssdeep":"1536:JVGaFYwbBMjx86PPRs0DUtsfQXsN/PY8kslfISxW33t2:lbM8YG0DcHu/PYqJYt2","tlshash":"1114d844ecf498c1a84eb75aa0dc1c409ed72ec39d70652ebfad88dd0f116d84dd2a9b","first_seen":"2025-02-09T10:20:45.316439Z","last_seen":"2026-05-08T21:03:37.257224Z","times_seen":33,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250220/ec873723ac15558f18b7fc4104099b4b.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250220/ec873723ac15558f18b7fc4104099b4b.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 1781\r\nConnection: keep-alive\r\nLast-Modified: Thu, 20 Feb 2025 00:45:43 GMT\r\nAccept-Ranges: bytes\r\nETag: \"805556c53083db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ld122:2 (Cdn Cache Server V2.0), 1.1 dj136:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_45190-13612\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1781,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"f6a1a106c2eeb618c059531b67f64980","sha1":"416bb9f0b3f5825cccaf0a276119002c2949f319","sha256":"f4526c778ee3374f27ded2918ec9f37be6de7aabd03b20c13a33dfab07f2a063","sha512":"f40157b375b7f72d1d8b950427c0d50b62d558e1d544bd16123dad53d9b1615e6cf73c60ee34f4a0393441a02c4aa9866e4d399fcd0ef0b35e438c3e978116f7","ssdeep":"","tlshash":"8131dbbfba0aa864d3569230cc370311083bae41ff75e44d302535583e382145be3684","first_seen":"2025-02-24T08:12:32.435326Z","last_seen":"2026-03-13T10:33:10.180209Z","times_seen":16,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":224,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250213/153ceb57c72240b4269441fdd48cc6f2.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250213/153ceb57c72240b4269441fdd48cc6f2.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 6714\r\nConnection: keep-alive\r\nLast-Modified: Thu, 13 Feb 2025 00:51:36 GMT\r\nAccept-Ranges: bytes\r\nETag: \"09cd96eb17ddb1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04JlJ51:4 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_48302-16525\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":6714,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced","md5":"2bf2fda404742b886dda12bf59b0cb14","sha1":"a7e771469fc1f3c4540be0c8557212ce279f6ffd","sha256":"d43cccbd346b2b70602689a230daf0368d49039be813c01d33226294562f219b","sha512":"6b8a912b8d783e659dc547cfbd0f0fb815e9807da152335fe0913d19c72aa8a7ff5aa4f76c845471b85a7de8cc0491122240dd23ccf8b5ef4c4b268f40050075","ssdeep":"192:z5QUPpKQXnBKFAk7eZWHXTJzWd0ImX0k6V96oUQfzz3:9QU8QMFAroDJw0INk6V04z3","tlshash":"13d19fb64c4a8b0d2464e0ad92b45abd27f50902ca19b8d32cd7bf10748ce61f83e74f","first_seen":"2025-02-24T08:12:32.418816Z","last_seen":"2026-03-13T10:33:10.173228Z","times_seen":16,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":250,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/css/nswiper.min.css","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /css/nswiper.min.css HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/softdown/213013.htm\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: text/css\r\nContent-Length: 17772\r\nConnection: keep-alive\r\nLast-Modified: Sat, 26 Aug 2023 07:47:41 GMT\r\nAccept-Ranges: bytes\r\nETag: \"808c5297f1d7d91:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: i2020947_c24821, i1935839_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":17772,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17458), with CRLF line terminators","md5":"6f57279d87f76916b1f8e71299e45f9d","sha1":"b426bb42e3249de295ede4cc80fb75a1646c67f6","sha256":"395db784c746486d4cf31adc79a5416d314c079b6962082689d023732d62fe86","sha512":"ea046da9abfb3a8319c21aabb1a9bee00c2e06edd011f2c0bc1ca7adb929699e0848f6d831067b5b4b798177493f0a0b5c7a7794d63e43f3ddbfb4b8318c3256","ssdeep":"192:mPiN0GpaNCv8jrfg5WHmXgyXyzSHF68DJB0SwD:mP+52COfgWHfyXyzSl68Pe","tlshash":"3082832c17002067f6324f1987c9e77c9715c8939e0368ef6650de48cbbb5a9227f7a6","first_seen":"2024-12-27T06:42:16.667307Z","last_seen":"2026-04-23T12:27:34.391514Z","times_seen":28,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":58,"dns":1,"connect":26,"send":0,"wait":25,"receive":1,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20240928/98fed6ae2959d439a8e86c5c93d5f28c.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20240928/98fed6ae2959d439a8e86c5c93d5f28c.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 1653\r\nConnection: keep-alive\r\nLast-Modified: Sat, 28 Sep 2024 08:32:13 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80a4c7ea8011db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04JlJ51:10 (Cdn Cache Server V2.0), 1.1 PSrbJP1de68:14 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_48302-16462\r\nAge: 196\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1653,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"4553e7540766f6a8a7d184f88e1520f1","sha1":"d6e21274d92e03bf0eff30981ce872b54c71ff49","sha256":"26c1b9d5c8eacb828d0d794830e220857490ed1400e4f4ebd7a1f802a90a978b","sha512":"c40ce7b7a2527b7c5a0e5c9fe16341f1e72c6eb86ffaf422768ce4f58c365a6c17e0a3cdab0a2920ae4a2e157285b10b84c889bd53e02fde2d596b3f675af2dd","ssdeep":"","tlshash":"d731fd2b544ceafdc75d5644f7a8701b336b1af27353cbd1e28603a1c12419197a0e3c","first_seen":"2026-02-12T17:27:40.490963Z","last_seen":"2026-02-12T17:27:40.490963Z","times_seen":1,"resource_available":false,"data":null}},"time_used":875,"timings":{"blocked":396,"dns":0,"connect":0,"send":0,"wait":479,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250520/634c77f22f05e1235df1391008815e4c.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250520/634c77f22f05e1235df1391008815e4c.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 15579\r\nConnection: keep-alive\r\nLast-Modified: Tue, 20 May 2025 06:45:11 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80b5a1bb52c9db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ir123:5 (Cdn Cache Server V2.0), 1.1 PSrbJP1al65:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_38747-54747\r\nage: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":15579,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"29bdeba539ac6507a1ef3e1c772e3677","sha1":"65123e6248ddc051307d6aaf2033584ed13d3c36","sha256":"5ea7ceba2eb8958bc8fe33233b186b6058c1f85258563bada2be6af750ea4404","sha512":"675f6bba0dc1f46701b09ff6d3341afc859e111cb1b62a3a8484fa1f6fa53e58dbc5ea250ee3e48795306255da69c8b5acd361585afa833f5bf1fe388e2858c6","ssdeep":"384:LiqIJa8GCYOHfGhA6rSbXxeS2C9nshEljO:LiquaobH+OZk/iMEU","tlshash":"4e62d01ffd228e8b8160685f358372a5929b8d15d7a695484fceeb43fdbc12c804d5f4","first_seen":"2026-02-12T17:27:40.492056Z","last_seen":"2026-02-12T17:27:40.492056Z","times_seen":1,"resource_available":false,"data":null}},"time_used":903,"timings":{"blocked":642,"dns":0,"connect":0,"send":0,"wait":260,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/190115/20190115154214819.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/190115/20190115154214819.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 5025\r\nConnection: keep-alive\r\nLast-Modified: Tue, 15 Jan 2019 07:42:14 GMT\r\nAccept-Ranges: bytes\r\nETag: \"04fc7d4a5acd41:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04JlJ51:13 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:8 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_41606-27317\r\nAge: 15342\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":5025,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 128x128, components 3","md5":"55f21d40a96374d33486da169f0cfec8","sha1":"43e0fcf9600c879f82237199346840664037ee2e","sha256":"85692e0070606a1e74a839af7e4c1e4fd4e368cf2765e159f5d6462fde58ad2d","sha512":"f355be3a505dd52258e26df051774663f2585d987296da4f4bdd2af979294b67f53616b5fdf999fb88235534b97224540e404f257fbbbcf0a2664f88c7f93c13","ssdeep":"96:uSK2xhKqKAeEgoLNYW1njNSRhBLd8gFlsHp6MLcbMiOWuYmtg57:dUKV9jW1ddPsJ6MgAiODYmi7","tlshash":"10a16cdcf2449da1d896c5b503c73a27466038d5829cdc01d8fb965c653ce612a3fae9","first_seen":"2026-02-12T17:27:40.492827Z","last_seen":"2026-02-12T17:27:40.492827Z","times_seen":1,"resource_available":false,"data":null}},"time_used":914,"timings":{"blocked":655,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20240129/91c23b342492f02c73de8ece3c45f987.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20240129/91c23b342492f02c73de8ece3c45f987.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 8242\r\nConnection: keep-alive\r\nLast-Modified: Mon, 29 Jan 2024 06:45:35 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8011e5c27e52da1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ef124:7 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_48302-16438\r\nage: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":8242,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"69746945c20852879c7a0d6b7a7e164c","sha1":"3d99581162b7ac38cb1e761dfdcba6fec58dd349","sha256":"98539548a0b00b5f199337332e66218035a5a460d97db162eab1147e9e65c384","sha512":"be3e72536d04f23a311d286b18d9a11ff7a5f156d187d986186a639346cce4a655d18d40332f4ad0bb0b3e6656086095750f62600b37b6f2105b1f49195ed771","ssdeep":"192:9TEwphUQ38a/aaHdEgtGPcq34CxwHUDemjkOLizRY:ZEWUAXCEdTWckk0DeXOL06","tlshash":"7902b13dc295554aa5731718b7b3776131e780bb31219f553f10ea617c6e1dd8d44f04","first_seen":"2026-02-12T17:27:40.493646Z","last_seen":"2026-02-12T17:27:40.493646Z","times_seen":1,"resource_available":false,"data":null}},"time_used":495,"timings":{"blocked":103,"dns":51,"connect":25,"send":0,"wait":254,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/160426/201604261642071495.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/160426/201604261642071495.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:10 GMT\r\nContent-Type: image/png\r\nContent-Length: 22686\r\nConnection: keep-alive\r\nLast-Modified: Tue, 26 Apr 2016 08:42:07 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8019c483979fd11:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ir123:1 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:11 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_38747-54823\r\nAge: 37946\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":22686,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced","md5":"9f50911d0d0a5ca49b3ecc792f9a310f","sha1":"63a10e592c75f3d01ef95ac15386232a6e781287","sha256":"40f030a699c7a342b9416728c0df75fa23d9cb0a913301b4028687ca6e48b6f1","sha512":"b337fed69306892490e2238a944ee0c4520ea02b41f3d43e30b04382eb22c55400872d337e2bff8b10caf6debab77dd0b894eea5c29e05947ced53b21ce64bf7","ssdeep":"192:KIIHUCD4waAk6sN5vFhmSPm4+q8fQzzUZNZDOW3:k0w86c5vfmSPm48fgoZNZr","tlshash":"60a27e28fcf1ba94c10a9b3a2cc525068c574b87b781ac457acd45479f21b96bc5f3c3","first_seen":"2026-02-12T17:27:40.494527Z","last_seen":"2026-02-12T17:27:40.494527Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1915,"timings":{"blocked":1653,"dns":0,"connect":0,"send":0,"wait":261,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250222/71d5c2ce03d4c4bbd2f1c8d0d78e5d24.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250222/71d5c2ce03d4c4bbd2f1c8d0d78e5d24.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 27319\r\nConnection: keep-alive\r\nLast-Modified: Sat, 22 Feb 2025 02:15:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"343af9aecf84db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04JlJ51:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_48302-16528\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":27319,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced","md5":"44026fb705fa08e0d2653b758ff65ed4","sha1":"7525e29ff1e40608686df2636c35fa0d6e433eaa","sha256":"09e9b7feedf8464187bd9783c34662e00422f9bbc66c9261e9fbcf1c03dcd3c5","sha512":"15d3400a9c236649ff3e867ce79f9b51473728780a1c4bb80db8ad1fe1386d318377b21a9d9a3346d2626977276011758b7ec1406d49f3a1e10d7006e70acbd3","ssdeep":"768:Hzuwxu4plC8kdWHvyig9/exulO8SvZIFfddjI02:HSDd8kd9RlOVYcL","tlshash":"7ac2e1db7b1a81b415d4e46b851de0be3f7c76380cb7eca57e8d7ad412236206429c8b","first_seen":"2025-04-27T12:37:45.330205Z","last_seen":"2026-04-11T03:37:37.234002Z","times_seen":17,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":271,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/public/npublic.js","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /public/npublic.js HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/softdown/213013.htm\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 104610\r\nConnection: keep-alive\r\nLast-Modified: Sat, 13 Dec 2025 02:07:02 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0a7b82bd56bdc1:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: i27269_c14934, i59682_c22361, i89830_c26665, i1935893_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":104610,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65482), with CRLF line terminators","md5":"ab4a6cc8f2b93010b0f8bedd60ec19f1","sha1":"c1feba4ba88f35b65f923ec32ec74bb8d86ac33d","sha256":"43f6431077c35e11e8592f80febd792006790b9bfd32b2b4cc937da940552104","sha512":"b90a72035e2a8a2d5173e22948c647e08a657834866d212545cea2b1398e3d47182f6bfc13cbab18b41dd25d925d2b3e35025ae22fbbf64128ccd271ffdd0267","ssdeep":"1536:96IzxETpavYSGaW4snuHEk/yosnSFngC/VEEG0vd0KO4emAp2LSEMBoviR+I1z5p:v+vIklosn/BLXjxzMhsSmjmG","tlshash":"a7a3f7ed73c6716243bb31ba40af610af236646a180d8410f52ce8e4bf75a499277f7d","first_seen":"2026-02-02T06:03:43.783812Z","last_seen":"2026-04-23T12:27:34.392528Z","times_seen":21,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":50,"dns":2,"connect":27,"send":0,"wait":30,"receive":49,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250327/613d8b71144027ac31261cd3295a4577.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250327/613d8b71144027ac31261cd3295a4577.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6280\r\nConnection: keep-alive\r\nLast-Modified: Thu, 27 Mar 2025 08:01:37 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8046cb76ee9edb1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-046K749:5 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:18 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_4745-22816\r\nAge: 25951\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":6280,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 128x128, components 3","md5":"27708d015586116f7ea74bb5e5314d37","sha1":"b1278decda3260f7caa0d5d42520abbe5558dc12","sha256":"514478e831ed694a029b0f59230a499ac6c91533ffb73d5b0bc9ee61377994fb","sha512":"3fff10f0173474632cfaabf2cae04f653c9b7ebd8e54028edc43757d7fcb87325facaea9bd4209f1ced644c7b3aa551229457c910217edfa70e5099ff143e7f6","ssdeep":"192:xo0ccmCzSXPHXb5KDuxTR+hp0zGKDkr2r9SzzzzzP:K60X/XIDuJAuz/g","tlshash":"d3d17e98e77e37c6fa38b72224d1ad17aec41d1178607e856df7942084663ef0c3928d","first_seen":"2026-02-12T17:27:40.496454Z","last_seen":"2026-02-12T17:27:40.496454Z","times_seen":1,"resource_available":false,"data":null}},"time_used":655,"timings":{"blocked":394,"dns":0,"connect":0,"send":0,"wait":260,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20240709/a969d25ea5edf15a17e90826b39ce77e.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20240709/a969d25ea5edf15a17e90826b39ce77e.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 4163\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jul 2024 03:21:47 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80d75b21afd1da1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04oR750:4 (Cdn Cache Server V2.0), 1.1 dj136:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:18 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_4745-22797\r\nAge: 12279\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":4163,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"1abc1204c1573eaf3e1b20179092a0bc","sha1":"1b6afc4f5091a1ee5e1a3750fcbb897d7cd5dc6b","sha256":"dfae7bd31a4a0d988847a1b96f7a40ba0ddd3d4d7566c2906341b577a6429e75","sha512":"d24fa39e335aab7cd20e28f84a96e73948606b358a1f5fc047fa7ad3ffccc583a6dc65d2c397ddb136bb956a468ce6fcab4552ab7d58b5a30a6c21ff14e65619","ssdeep":"96:EbqqZ/1w/9y4/Rr8/52GsD+AkDJjgQF6WMp9ZI:E2qZ/1wbRrkCaVF5mk","tlshash":"a3816d81501ecdc5e077aae4684745da6d302444b0eec9c80ac794fb7d6ffb266ef520","first_seen":"2026-02-12T17:27:40.497295Z","last_seen":"2026-02-12T17:27:40.497295Z","times_seen":1,"resource_available":false,"data":null}},"time_used":529,"timings":{"blocked":97,"dns":86,"connect":25,"send":0,"wait":257,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20250410/36a0799fe32038da2f4ba764cbaa1920.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20250410/36a0799fe32038da2f4ba764cbaa1920.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 7716\r\nConnection: keep-alive\r\nLast-Modified: Thu, 10 Apr 2025 02:25:59 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80d564e5bfa9db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 12043483:10 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_45190-13645\r\nAge: 37009\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":7716,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"d0a78c8a69d5327a1f81e95e9fd22c29","sha1":"d19c6a69bd83cecf89c63fbef47daf4a3dc6f13c","sha256":"6e8d154ed7b15a5fc095de16131944b7bb17d8ef125c7e680ae99e6829f3114e","sha512":"56e367d9e84b321dbde5c9c773a52b2a823bd1adc5d1f656b6b82b962efa08e4a26342758cb6cd88ba3fa52b2926a5d571338870b6589683fa1401ca7e536e28","ssdeep":"192:SRqzFTrt4bfIDYuqcMqCf/aggLxAax3n5TKSzCdKrMkxj:Syp2YMqCqggLxJX5TKkCdiMkxj","tlshash":"7cf18d53c4462fd21022804d3cf791191e9b8d0dc221ae51caaaf193197a3f7969fae7","first_seen":"2026-02-12T17:27:40.498103Z","last_seen":"2026-02-12T17:27:40.498103Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1517,"timings":{"blocked":1257,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/171130/201711301048357263.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/171130/201711301048357263.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2603\r\nConnection: keep-alive\r\nLast-Modified: Thu, 30 Nov 2017 02:48:35 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80342b78569d31:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04oR750:6 (Cdn Cache Server V2.0), 1.1 dj136:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:18 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_4745-22880\r\nAge: 197\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":2603,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 64x64, components 3","md5":"438c9d69f41641d9a45ba91d4a728133","sha1":"69ec81d6c9267dd2e22c67aba71bc636becff0f9","sha256":"d3180fc40ac4a5737ef626ba19cf475ebd2c3bf6331067caab7b7877f34daec5","sha512":"ff9addf629232f1f3163acedad0b504120ba831908948796f523c65f46e30df39da60ea6b17b8e12543cf600472c563e58b8e3ede5ebfcab485116b713e1d469","ssdeep":"","tlshash":"2351d90bf25169c1fb8d657261e2d533fb261810ed97e03698ddc81b74b20b948909ef","first_seen":"2026-02-12T17:27:40.49894Z","last_seen":"2026-02-12T17:27:40.49894Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1609,"timings":{"blocked":1352,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/220426/202204261137099636.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/220426/202204261137099636.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 12969\r\nConnection: keep-alive\r\nLast-Modified: Tue, 26 Apr 2022 03:37:09 GMT\r\nAccept-Ranges: bytes\r\nETag: \"802061e81e59d81:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04JlJ51:14 (Cdn Cache Server V2.0), 1.1 dj136:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:8 (Cdn Cache Server V2.0)\r\nage: 1\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_41606-27334\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":12969,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"d67d4b98fd2cde3bf20aaa1f731a5645","sha1":"dceefea2ee105cecace135eeb4b07d84d0854e0b","sha256":"98fa7adb58e16a18eace0636cd2dd0fd70055ca75a4f6fb390e8393a2dca78c1","sha512":"23ea51dbeac0790334d15ba10a9bdb337ebde5cdf57238974a40e62958344fbe7cdeb1d94bafb3e808d15f608f9126396417a58b1565fd8891e81081ab3212b1","ssdeep":"384:5arJ1S6+16tfgat+X3QPzXmYjnzhP/3Kt3hyxoaP:Q91aUgiM3QLXmYjnzl/8yxxP","tlshash":"f942b0eb23c9e0796be8fa142e4ea51b113b0f57597180823c7ce95661b3e95fa6c400","first_seen":"2025-02-09T10:20:45.356893Z","last_seen":"2026-03-13T10:33:10.174183Z","times_seen":18,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":266,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/180122/201801221747065495.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/180122/201801221747065495.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 34199\r\nConnection: keep-alive\r\nLast-Modified: Mon, 22 Jan 2018 09:47:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"04979f66593d31:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04oR750:3 (Cdn Cache Server V2.0), 1.1 PSrbJP1ww66:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_38747-54769\r\nage: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":34199,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2018:01:22 15:57:34], baseline, precision 8, 128x128, components 3","md5":"0ef5fe3186b2c2dc877f0d007499c6b5","sha1":"06d032b99526609216979bbf16f9c80a149f0397","sha256":"2f30339dc90319f74be0b14dfc365c874742bb1ecc6c48cb164734fb53f7bba2","sha512":"004ad4257c272678e202f9737184cd5d488a81d57e56b5f136281068197a7898c934f21c7825304b4fcaaf6d6f3e46c74265e0f086844640c1084fd3fff1e291","ssdeep":"768:MwYyNv2POYyNvBbfYyR8AkN6Edd0xHMx6k:vBJBZbf/EdAsR","tlshash":"4be2af75eb67df23fad0d63440e6ebd1a2228b24a3532602745cf506bf752d07e9d04a","first_seen":"2026-02-12T17:27:40.500859Z","last_seen":"2026-02-12T17:27:40.500859Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1236,"timings":{"blocked":973,"dns":0,"connect":0,"send":0,"wait":259,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20241015/02e461e92d13e620d1d25d9b6b2ca893.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20241015/02e461e92d13e620d1d25d9b6b2ca893.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 8814\r\nConnection: keep-alive\r\nLast-Modified: Tue, 15 Oct 2024 06:31:07 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80c7edd0cb1edb1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04oR750:4 (Cdn Cache Server V2.0), 1.1 PS-HND-04npN80:11 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_45190-13625\r\nage: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":8814,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 128x128, components 3","md5":"75cb6e47a17adf347f40cb63c92c243d","sha1":"cb7201e20beb37777e68feae8728c5097e124880","sha256":"689044ed70bd4d07c1a33ce963be5c7440ee2b14b85d05148bfda2f9548f99aa","sha512":"d56db600804d2a7278f56ddec93919105003114e3504a7daa1cfe27cd13998106675fda3c09d1bfd780f926a0a453dd864824b550a50171edabce010507469a2","ssdeep":"192:lzaMcxspNEPP6ECipTY3hIG4Q1Gn+/t0OuT0nhsWbyyyyyC:N1cxspePP6dYT6hIUy+10n0pyyyyyC","tlshash":"bd02ae8d32013333e17fc8a1b5e8e09745181efa83e9d5e0608fc0525078628b7e43e7","first_seen":"2026-02-12T17:27:40.501707Z","last_seen":"2026-02-12T17:27:40.501707Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1266,"timings":{"blocked":990,"dns":0,"connect":0,"send":0,"wait":275,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/css/ndetail.css","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /css/ndetail.css HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/softdown/213013.htm\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: text/css\r\nContent-Length: 47871\r\nConnection: keep-alive\r\nLast-Modified: Fri, 26 Dec 2025 06:47:29 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80d6c3803376dc1:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: i27269_c14934, i2475937_c28821, i2020957_c24821, i1935845_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":47871,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"83263b873ce5214657fa9237f38a391d","sha1":"ee2c44ee68e93c4ec4288078e1413676ddd5a2aa","sha256":"eae64bf3327330aae37ad2b63a111285074c83198ba02b7bf09728abcd3b2afd","sha512":"4f89ee840d1c242b90fd02e87d10d95dc6fd4f3eb22b9d8ae14d7db57edb248f105da8974ca288fc915408e971878abacf5b56769c047659e6889350c8b14a23","ssdeep":"384:d1s5SfsvbZo2qm6kr6c9rLmI5f7/9SYrEG2R85UqT4bqdR0wtUPpfHYzx7TkBcGj:d1s54OqBNWTa","tlshash":"872332b9eb105104b236cbf47fa25b6aa76a4163974203bdffe43009a28ad1d1573fc5","first_seen":"2026-02-02T06:03:43.742067Z","last_seen":"2026-03-13T10:33:10.181137Z","times_seen":19,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":49,"dns":2,"connect":23,"send":0,"wait":24,"receive":1,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/uppic/20240928/1cb3a5cb4c9ac188cb38ed98c02dde0c.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /uppic/20240928/1cb3a5cb4c9ac188cb38ed98c02dde0c.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 48474\r\nConnection: keep-alive\r\nLast-Modified: Sat, 28 Sep 2024 08:33:59 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80f5f5298111db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ld122:7 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:11 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_38747-54725\r\nAge: 12279\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":48474,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 600x456, components 3","md5":"cb5d1b2e3c3533f7e850eecf3ce6c06c","sha1":"0b3574e723d5dd91fd83864e4da5ee43b0dcad82","sha256":"64fd50a1a6248c315e64ffc65744f66c95a68ef7e204e4514256ec70547d8418","sha512":"daa5700f90e123d364ac6e2d4d61e188261951cbfe8d75982c246d9cab083ea471a6b496c0abdcff91f2a7164dc6e63b7ab47d319604922561d7db2c79be0934","ssdeep":"768:aykdQSPHEJADanVL+4sTu1FIgxMk0E/Q1CWh3sbKZSCruP7Dcoo0mmQ:a/drLaxb3xJQ77QrBS","tlshash":"6223d0136e1e4d83746e93e9bc024d5c13216799d99832ff21302f857fed5969e6a00d","first_seen":"2026-02-12T17:27:40.503024Z","last_seen":"2026-02-12T17:27:40.503024Z","times_seen":1,"resource_available":false,"data":null}},"time_used":662,"timings":{"blocked":396,"dns":0,"connect":0,"send":0,"wait":262,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20251009/c3042a5e19e37f207ff061030b2c8114.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.238Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20251009/c3042a5e19e37f207ff061030b2c8114.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 18233\r\nConnection: keep-alive\r\nLast-Modified: Thu, 09 Oct 2025 05:37:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3ff42d4de38dc1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PS-HKG-04JlJ51:12 (Cdn Cache Server V2.0), 1.1 PS-HND-01SaS134:23 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:18 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_4745-22832\r\nage: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":18233,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 128x128, components 3","md5":"1dbb6e0f02690bd4587df2475d73100c","sha1":"e0de82f539cff71654039bc5815b460799765614","sha256":"81fd61c30fae274a83e49f2088c6ce33105285778e4ac611ff4e5b27d5179f62","sha512":"46809b646d1cde9f66471c514ffb9fcbfaf46a6a7cc7e5ad4a454bde3c4722946a158d664e420c13934e7982233c28347b96f2083b57c329bc2cab92ff7faa35","ssdeep":"384:hLzug/GyoeSRnitPk0a4h8hu33zo98TqGuOGPvp/niQy6:1d/s9iFhEu33zo5nOYliQf","tlshash":"fa82cfe3dd178d0ad133b438508b52789f3a0b885b83d10a44a6ca56e9aa57373af4f5","first_seen":"2026-01-19T01:17:28.443931Z","last_seen":"2026-03-20T23:33:49.616216Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1393,"timings":{"blocked":641,"dns":0,"connect":0,"send":0,"wait":750,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20241114/cd95d7cb67136e7f144ac969b1f0affe.jpg","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20241114/cd95d7cb67136e7f144ac969b1f0affe.jpg HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 5042\r\nConnection: keep-alive\r\nLast-Modified: Thu, 14 Nov 2024 07:02:10 GMT\r\nAccept-Ranges: bytes\r\nETag: \"085c11f6336db1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ef124:12 (Cdn Cache Server V2.0), 1.1 PSrbJP1ty77:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_48302-16530\r\nage: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":5042,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 128x128, components 3","md5":"34bfc08310a556783411a2bc4a576da8","sha1":"ca09fbd035520061f0e99b7fe394ec8c06fa19a9","sha256":"70003d1d2e71e041e54ca9e8f9fc37b67faa217f02bf92734037cfc27ebd04e8","sha512":"ba7ae7c1f6f6120ccaab212382de0895e94f40517d29088fbf701824a6f4887cda2ac893823d077c2d4d49824ebac738e9f86d1a1c895c57cff58d6d815d0789","ssdeep":"96:0SK2a8/c5YFR5HvPpvcfXQF0a5b2DFpmUxpRSisG7K2byB:rU8/c5CvcXJpRDBu2bO","tlshash":"c3a14cddf552a702e4c8d9b628baa40b85654181f5dac81ec8f7a7c338601f4ee192cb","first_seen":"2026-02-12T17:27:40.504873Z","last_seen":"2026-02-12T17:27:40.504873Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1229,"timings":{"blocked":974,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/230906/202309061845541994.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/230906/202309061845541994.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 5891\r\nConnection: keep-alive\r\nLast-Modified: Wed, 06 Sep 2023 10:45:54 GMT\r\nAccept-Ranges: bytes\r\nETag: \"01d644fafe0d91:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ir123:13 (Cdn Cache Server V2.0), 1.1 PSrbJP1de68:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6c_PShlamstdAMS1vj92_45190-13564\r\nAge: 41812\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":5891,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit colormap, non-interlaced","md5":"d09377de43b90ee0443e4adc923245bd","sha1":"2510736d504097e77119a2c899e4a5d36e233d45","sha256":"f64d2014d0ca41799034f360906c68b5e4b2e6d231577a576508bddf9229d9f2","sha512":"3a0bca29309bf4d435bec0f27ff23b68508f8e1cb434acf6d9ec4ec82c9a5d501a8b9c5cc7b0155e8a712612b2c7e8c6d1dcb25e0f63e2b12e384812e2749019","ssdeep":"96:YSMllcHitlIxv9vk7C1+I4wWHLihk/x0P2nYigoKIbBUR4NEPXuU5OYXM+aHNFPb:YSHIIHUCD4wa21dIb046PuShcltJU8Su","tlshash":"51c19d8d5d01d7ef31ca06c926a7fc1c0e62c6d512985e1caabaa31f0e20ca33068977","first_seen":"2026-02-12T17:27:40.505526Z","last_seen":"2026-02-12T17:27:40.505526Z","times_seen":1,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":104,"dns":87,"connect":25,"send":0,"wait":485,"receive":1,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/171217/201712171723051263.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/171217/201712171723051263.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:09 GMT\r\nContent-Type: image/png\r\nContent-Length: 1403\r\nConnection: keep-alive\r\nLast-Modified: Sun, 17 Dec 2017 09:23:05 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8022b3a41877d31:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ef124:1 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:11 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_38747-54789\r\nAge: 37015\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1403,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"b2a23b4ba6b291c5d9ddd98c0ac442a3","sha1":"48671e3caa2a7f1fec8a226da7ddf3cdaab69fbe","sha256":"978dd89758d1e431d19d3480126f93756f6be1692c6e5cfa2699738cdfca6a93","sha512":"c48bf9f5a02a2dc1b8379c6095f1c9037ecbe0b76e7c48a99df0f38f5c23d95503f54b10ace131a021f9e131a216bee756c0ff126bbe89bbfb1af4302ef48e53","ssdeep":"","tlshash":"fe2108864f34c99fe2df9bb3388acb31ca5b09b905805348d877d6adf922c1324543c6","first_seen":"2026-02-12T17:27:40.506339Z","last_seen":"2026-02-12T17:27:40.506339Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1473,"timings":{"blocked":1214,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/180226/201802261419487899.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/180226/201802261419487899.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:10 GMT\r\nContent-Type: image/png\r\nContent-Length: 1346\r\nConnection: keep-alive\r\nLast-Modified: Mon, 26 Feb 2018 06:19:48 GMT\r\nAccept-Ranges: bytes\r\nETag: \"05a4ecdc9aed31:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 PSxgHKG8ef124:3 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:8 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_41606-27378\r\nAge: 197\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":1346,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"3b50749aa2c3d0a640cfb27d4aff7dd0","sha1":"6ca3ae403389aeb9a143262ce2b3253b29afbbf8","sha256":"33007e214107314170f88e486a3ffd8444487ecc71becedfabd6e0dc6cd6f99b","sha512":"7d4245a50d714cfaf3fc7c2fd72edfd7c8dc26ecc2be6cc68d2f6f7210e9d84293ceb3aeb9102211da0cab5cf9ecbb6b986b5a78ab0d29c0fa0ad6bab880f76a","ssdeep":"","tlshash":"fc21d8cad2165e198b8767b3b08c4bea8220a4c256cec5b64490b47b052d7812744f88","first_seen":"2026-02-12T17:27:40.507132Z","last_seen":"2026-02-12T17:27:40.507132Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1736,"timings":{"blocked":1478,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ddooo.com/logo/20241119/e1ee083547dcb8a94b0730eb8afb1e80.png","fqdn":"img.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"138.113.8.38","port":443,"asn":54994,"as":"ML-1432-54994","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /logo/20241119/e1ee083547dcb8a94b0730eb8afb1e80.png HTTP/1.1\r\nHost: img.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:10 GMT\r\nContent-Type: image/png\r\nContent-Length: 4077\r\nConnection: keep-alive\r\nLast-Modified: Tue, 19 Nov 2024 01:05:01 GMT\r\nAccept-Ranges: bytes\r\nETag: \"805c24f1f3adb1:0\"\r\nServer: Microsoft-IIS/8.5\r\nx-via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 PSrbJP1jg79:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 698e0d6d_PShlamstdAMS1vj92_45190-13664\r\nAge: 197\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":4077,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"bdbc92915def48f47c22ffe6e5d15be2","sha1":"7eb4fdd2b0d79dd7096aea2d641e99e3b73d33c9","sha256":"249853b50e3e6a78b648529aa9c343804d649d29e288606289cacb7faa4aa113","sha512":"ae03c9e26bf24185e1ecfd3922e86ebffe1c84cc70c8fdda21cd1f0bfc6dd268300981e12f3c68059f1eeab9688f2042e9afb67fbd6b7b99014edb1c3a2e3270","ssdeep":"","tlshash":"f0815acde2c567c07c2bd49124fd06af7d178720e6a9ac8f7cb4d40025243ea028e25e","first_seen":"2026-02-12T17:27:40.507977Z","last_seen":"2026-02-12T17:27:40.507977Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1771,"timings":{"blocked":1511,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"img.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.ddooo.com/images/all_ico.png","fqdn":"m.ddooo.com","domain":"ddooo.com","tld":"com"},"ip":{"addr":"156.225.108.44","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.ddooo.com/softdown/213013.htm","date":"2026-02-12T17:27:08.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.ddooo.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 14 Apr 2025 00:00:00 GMT","end":"Mon, 11 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:74:83:F4:D9:D6:6D:B3:77:BA:4C:86:E8:25:24:FD:A3:D8:3D:42","sha256":"96:AB:AD:F0:14:CE:B9:3F:56:21:BA:F2:28:21:C0:B3:42:14:67:EC:43:A2:C5:A7:87:2E:4F:D7:EB:07:AF:57"}}},"request":{"raw":"GET /images/all_ico.png HTTP/1.1\r\nHost: m.ddooo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.ddooo.com/css/ndetail.css\r\nCookie: ddooo=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 12 Feb 2026 17:27:08 GMT\r\nContent-Type: image/png\r\nContent-Length: 212782\r\nConnection: keep-alive\r\nLast-Modified: Fri, 18 Aug 2023 00:55:39 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80b78eb46ed1d91:0\"\r\nServer: Microsoft-IIS/8.5\r\nX-Ser: i89820_c26665, i1935893_c22759\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":212782,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 1360, 8-bit/color RGBA, non-interlaced","md5":"b746b31769b73a4b2f06f18c837198b2","sha1":"d11124f8c4542f6e08d449de23aaee7c2d596ccb","sha256":"0e0fd74acc9b2d8922064be5f9f71245b7ac394cbd3d11811306393669d6e543","sha512":"a91815b12050a75a6a239db939868d59af0c23dd5e0a4cc680153fe73a549d185788687680bd2802cdbbe746bb19db05c92053114fafdcd1a6b3c70b179762ed","ssdeep":"1536:i8GvFYwVBMjx86PPRs0DUtsfQXsN/PY8ksefISC7qROA61SNYr:qVM8YG0DcHu/PYTJCqRV61L","tlshash":"e124eb44acf498c1a84eb75aa0dc1c419ed72ec39c70242ebfed99dd0f116d84dd2a9b","first_seen":"2025-02-09T10:20:45.332779Z","last_seen":"2026-04-23T12:27:34.330064Z","times_seen":28,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"m.ddooo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}