{"report_id":"4cfbf84f-425a-43b2-8d4a-c06e89d001ad","version":0,"status":"done","tags":[],"date":"2026-06-17T17:45:14Z","url":{"schema":"http","addr":"three.laitiaozhan.com","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":0,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"http","addr":"three.laitiaozhan.com/","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"title":"365英国上市公司(集团)官方网站-Official Website","dom":{"size":473,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"9daf1d1e73e77552a2f6071726f85a62","sha1":"03c4750b18caeab5f97fc8898703e16e93015b58","sha256":"e5cc2050596b5bb48831a3874cd423f79ec104d37b8089bafdc327f898671f98","sha512":"8e07693d262e27033a89d098cea9f8aebc6e6aaa6add68ad6a0861909e7d52e1defcf7f609a4030ff1b120a669a88670f9a79780c168a49029bf1702bc323804","ssdeep":"","tlshash":"88f0d4c75c01645d53109f98ead1f41cd5ac7d696740dc15d5e1384d4cd6bc8441286d","dom_hash":"domhashd0c231bf27deb973c770c049e72bbcec","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"three.laitiaozhan.com","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":0,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T17:45:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.hnfzgf.com","ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2011-03-30","domain_rank":0,"first_seen":"2015-03-14T16:31:19Z","last_seen":"2026-06-16T14:08:57.509056Z","alert_count":0,"request_count":28,"received_data":1541677,"sent_data":12774,"comment":"","tags":null,"fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}]},{"fqdn":"image2.sinajs.cn","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2006-12-20","domain_rank":0,"first_seen":"2012-11-21T03:27:48Z","last_seen":"2026-05-06T12:27:31.620165Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":460,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fcl.xueyuxingfeng.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2021-06-17","domain_rank":0,"first_seen":"2021-06-17T13:30:21Z","last_seen":"2026-06-12T11:53:11.340031Z","alert_count":2,"request_count":1,"received_data":0,"sent_data":480,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.1.155","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-06-14T23:49:50.803257Z","alert_count":0,"request_count":1,"received_data":97803,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"three.laitiaozhan.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-01-21","domain_rank":0,"first_seen":"2026-06-16T14:08:56.923837Z","last_seen":"2026-06-16T14:08:56.923837Z","alert_count":152,"request_count":38,"received_data":264679,"sent_data":16971,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"jQuery:1.12.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"three.laitiaozhan.com/jquery.min.js","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"84dbd62ab21f9a080a3c75007194d6f4","sha1":"c5e7a0dcb98e094964d941fd44af99c097255501","sha256":"2ba1b5b707262ff63d5557ef29c82e3c5fb59728b65d95b56ad14382f367877b","sha512":"e86349b8322b0e3317d56bdfe0ef17de495872e979b11bf4bf9857983299905753be82bfea15028e6dfcb00ce5273725e074061d3fc0714c11310a5755b0536e","ssdeep":"","tlshash":"ed01fbd887c4d85f6ecc5d53ea14deca62b2812b97d971838328fe8c05a9152c85c489","size":738,"data":"","first_seen":"2023-03-07T12:08:36Z","last_seen":"2026-06-18T04:33:43.893526Z","times_seen":274,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"three.laitiaozhan.com/","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T17:44:51.566Z","timestamp":1781718291566,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/images/index/list_log.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.033Z","timestamp":1781718293033,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/list_log.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 16 Dec 2021 17:24:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"088ccc9a1f2d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c7a167ab02f8fbe37a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 892\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":892,"size_decoded":1201,"mime_type":"image/png","magic":"PNG image data, 26 x 28, 8-bit/color RGBA, non-interlaced","md5":"29ef3db28ad5b250ddcc38782fae41b7","sha1":"502795e09fb3f1936d087da023159ae492d4d52d","sha256":"4d401a491b50970a5a88351c4b09bb0499e6a3c60427dead6d67454c1f75c06c","sha512":"51297881fdb359979c62d92ac1189b210dcdabb9d4c13faf9df54ac90ee06dc441f63cbb6001e819f1a4b97d12d58f5a0fe293f63a2ea382233771691c426af9","ssdeep":"","tlshash":"b511b7375c86a698fd27772795439010b53d11ec2556da3c03a30872974ff02ac3a54b","first_seen":"2026-04-10T12:59:08.58328Z","last_seen":"2026-06-17T17:45:20.462519Z","times_seen":5,"resource_available":false,"data":null}},"time_used":923,"timings":{"blocked":0,"dns":471,"connect":225,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/css/index.css","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.433Z","timestamp":1781718292433,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/css/index.css HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":8416,"size_decoded":2415,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"6f16919da14eaefa15b1ec0945084a00","sha1":"7255397761f134a2e8878c6d43fc6d744a970a67","sha256":"43f41106956bbde416f01e8ecd4fdf37a96d511ec967c643e5378b69cff878ea","sha512":"650f89becae3eb7133d26ce0ffc9fac0ba005ea8559d16f77f5a440c1c86e2855652bc1d62681c381a33308990b86c64ad0af5b45d8ca6099fa2fa9bddb3fb8d","ssdeep":"192:iUFYTyJg37bB6FU/h7aeIm2DC1NbuV2SeBH+:iMYTyJK/SC1Nb4vL","tlshash":"d802ddc7abb50a48b416d56a78114b6a735d9043a30fe838eff4301cdec96d1a97378e","first_seen":"2026-04-10T12:59:08.585249Z","last_seen":"2026-06-17T17:45:20.463244Z","times_seen":5,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":145,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/images/index/list_log2.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.649Z","timestamp":1781718292649,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/list_log2.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/images/index/list_log2.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":67,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/images/index/list_log.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.651Z","timestamp":1781718292651,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/list_log.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/images/index/list_log.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":345,"timings":{"blocked":155,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202507/25/202507251023260490.jpg","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.669Z","timestamp":1781718292669,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202507/25/202507251023260490.jpg HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202507/25/202507251023260490.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":581,"timings":{"blocked":408,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202209/13/202209131130104016.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.670Z","timestamp":1781718292670,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202209/13/202209131130104016.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202209/13/202209131130104016.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":642,"timings":{"blocked":465,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202512/31/202512311431303954.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.910Z","timestamp":1781718292910,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202512/31/202512311431303954.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Wed, 31 Dec 2025 06:31:30 GMT\r\nAccept-Ranges: bytes\r\nETag: \"7fbe75191f7adc1:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c78167ab02f8f9f1da3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 2979857\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/js/jquery.SuperSlide2.1.2.js","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.625Z","timestamp":1781718292625,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/js/jquery.SuperSlide2.1.2.js HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13514,"size_decoded":4843,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12509)","md5":"c506b3251446b26ac8ea98c1b6b4fa23","sha1":"d96af824847369590a1f6869509dcc9beeecb72a","sha256":"0082a08b822a7379c957e5400b49018abe543e899dc7526839915cd1f7ccd616","sha512":"f1abbd9ee51e72a5c98219341e80c79b41f4f5e7ef1f72d419685194b2a3f3aa405a70023d6849d6d8040c067347f19ab121779f9822138bf207b2a379dcba1e","ssdeep":"192:8h6DPr/dDxLBrAoiCtGvazQu2tpt4kF5FdBoFz3Zt0zj+uwLvo:84PLdDx/iG8L7RPfBcAvwo","tlshash":"f452834a75f176aea6c7b3f0007f240e269bade18b4ac450f172c4953cbb5580763abd","first_seen":"2023-04-14T18:27:36Z","last_seen":"2026-06-17T17:45:20.464054Z","times_seen":126,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202510/29/202510290924331014.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.648Z","timestamp":1781718292648,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202510/29/202510290924331014.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202510/29/202510290924331014.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202411/21/202411211635164790.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.212Z","timestamp":1781718293212,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202411/21/202411211635164790.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 21 Nov 2024 08:35:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4420734af03bdb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c7e167ab02f8fba48a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 64183\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":64183,"size_decoded":64495,"mime_type":"image/png","magic":"PNG image data, 410 x 109, 8-bit/color RGBA, non-interlaced","md5":"b7f621d9ceca8bf4a3fb2dc7ce4d0ca4","sha1":"69f172096be95da91108ca1c2695694e27244804","sha256":"25161f6561539b0837812246339fb23ff29e4c61e80a43313195eef922d6eaba","sha512":"227d91c0c35fb39a8df486d6f941636c11c241204de544a47c4c3e68ef5267664010f6c567c9b8615a29faceb049c0b63c0c348c1352f05ffc116613e01a1c2b","ssdeep":"1536:x0y7AHAhA1YyDBgRR6aj/XeCf4YClvvafuf6cCB+s:WUAmZRRfXecMHUYY+s","tlshash":"3c530289cb68cfb2ccedddd09047791929827c988683b9e158fa3215633d1831de7d9e","first_seen":"2026-04-10T12:59:08.562663Z","last_seen":"2026-06-17T17:45:20.464717Z","times_seen":4,"resource_available":false,"data":null}},"time_used":5022,"timings":{"blocked":967,"dns":0,"connect":0,"send":0,"wait":226,"receive":3829,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202112/23/202112231205238902.jpg","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.643Z","timestamp":1781718292643,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202112/23/202112231205238902.jpg HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202112/23/202112231205238902.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":992,"timings":{"blocked":783,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/images/index/top.jpg","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.654Z","timestamp":1781718292654,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/top.jpg HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/images/index/top.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":386,"timings":{"blocked":227,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/images/index/footer_email.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.666Z","timestamp":1781718292666,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/footer_email.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/images/index/footer_email.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":575,"timings":{"blocked":391,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/images/index/top.jpg","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.070Z","timestamp":1781718293070,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/top.jpg HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\nLast-Modified: Mon, 20 Dec 2021 15:00:59 GMT\r\nAccept-Ranges: bytes\r\nETag: \"807b465b2f5d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c7d167ab02f8fe148a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 1643\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":1643,"size_decoded":1954,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 21x22, components 3","md5":"c78da0ca875d5bb2e58749ac797ca8fe","sha1":"5006675b0115ca475c700c58b61adff8ea539bd2","sha256":"d9a3621a8636f8c563a58396d20f5cccf7550e13bf7d5368c2c3f7187117537b","sha512":"7b69a48f2acdafaf5ea1dc431fbc071c66cf2b314230e360824b116e74eea65da3a703e572607b9a73d658037d63cb81795d3c4d9b2521612cf58bb4f1e62bc8","ssdeep":"","tlshash":"2f31781ffed16b03ddc465f119f7631f19555881e8c1f6a6a9fe801714262f88c4a1c7","first_seen":"2026-04-10T12:59:08.568846Z","last_seen":"2026-06-17T17:45:20.466372Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1074,"timings":{"blocked":859,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/images/index/footer_email.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.397Z","timestamp":1781718293397,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/footer_email.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 16 Dec 2021 17:24:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"088ccc9a1f2d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c86167ab02f8f4244a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:56 GMT\r\nContent-Length: 743\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":743,"size_decoded":1052,"mime_type":"image/png","magic":"PNG image data, 22 x 17, 8-bit/color RGBA, non-interlaced","md5":"53aed4d17308535fe8c3fcbdb751b421","sha1":"a2d30d33403a3aaa99ec14ce426fe8444e4cde28","sha256":"45ccf614622090a08bbcf9eaf6a44ebde98c5df146be8b3e2327e0e69fee371c","sha512":"0f93e8efaf405e7a4528230ba55082eb7fae9b4a8474521f4faff7422bcef756dc1d5ce7002de701ed26a6f5d22461cfd932d0cac9ee6cca5258542f049bdb71","ssdeep":"","tlshash":"60016ab56b781d29c6eb0f33075db158082971d45942450cdf791c5dd5ef611685913c","first_seen":"2026-04-18T07:55:07.72513Z","last_seen":"2026-06-17T17:45:20.467159Z","times_seen":3,"resource_available":false,"data":null}},"time_used":3796,"timings":{"blocked":3583,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/css/style.css","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.431Z","timestamp":1781718292431,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/css/style.css HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":41487,"size_decoded":10757,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (403)","md5":"1163e646cf12de8288cb3497d2f50c20","sha1":"cc6de4f53d89506e636a0929a055a62147d49b7a","sha256":"1f01b90287b910e8fccfef6a06d99eaefbf5f5b387d5b277cd4ad1e94bf3d1ba","sha512":"27379c74b98101d5b31b49f2c370297f6449d28df25dfbfef67492411ff0445f8dfa9fa6d80fc038a8905d8bdf35721f4cf0e69b10447c30b3a740e5421b5879","ssdeep":"384:Hm9KM8qdEz6iLaggstJTVF9K2jmCMbNtlMM8za6Hdjbp42YAU5zfd4KYZJGuXmhY:HVL7FTJHWKUhqZJGu2hY","tlshash":"80137620e325220df527e2f5be619b9753258047f20315fcadea74a0e28e5e91673fc6","first_seen":"2026-04-10T12:59:08.57578Z","last_seen":"2026-06-17T17:45:20.468122Z","times_seen":5,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":164,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/images/index/list.jpg","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.030Z","timestamp":1781718293030,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/list.jpg HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\nLast-Modified: Mon, 20 Dec 2021 12:11:11 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80992ead9af5d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c76167ab02f8fb46aa3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 1261\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1261,"size_decoded":1573,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 9x9, components 3","md5":"c85509c972676d7ef2490313452750e1","sha1":"8ba1edb3c64c69a5718a4be3d64152ab759cf916","sha256":"a7daa1b2d64cc14d8f009ccfd1938892e7071e8f6858608ec5dccf934674ae83","sha512":"a3a309ae68061b78eaff8f7ea0907688d728a6d9ce039624045d07dad95ad9a311c94a87f7a6bb1f140f10c21430284c97e966356561aa346f73f214d7061723","ssdeep":"","tlshash":"1b21631eff417f02e8c4a97234f2912b4a0348c0e8c5f666bcff904758601b9482a5d7","first_seen":"2026-04-10T12:59:08.586226Z","last_seen":"2026-06-17T17:45:20.468786Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1319,"timings":{"blocked":0,"dns":474,"connect":209,"send":0,"wait":426,"receive":209,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/images/index/footer_tel.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.405Z","timestamp":1781718293405,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/footer_tel.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 16 Dec 2021 17:24:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"088ccc9a1f2d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c89167ab02f8f7556a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:56 GMT\r\nContent-Length: 885\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":885,"size_decoded":1194,"mime_type":"image/png","magic":"PNG image data, 22 x 20, 8-bit/color RGBA, non-interlaced","md5":"80c65bddaa400b99c46f79683c829505","sha1":"27d32025b8c3e0e131d74e5c78860f0832d30907","sha256":"a7e5f6174a9e9c3fda2a3f2d5bd44ff8dd99e374ffe993c60bc3ff5286aef62f","sha512":"6eda3bea8c2202d486315c38fd5eea845b7749152f6c28470b6608807ff40430acf5f94ed1b055eaded5c9d76f3cd03d9cea53121057eb14325337281e147a71","ssdeep":"","tlshash":"7111b38ecc549da6ee4c7780a3b70f7e828ce2b94191a5ac4c09a60cc64407849a1f7b","first_seen":"2026-04-18T07:55:07.731232Z","last_seen":"2026-06-17T17:45:20.46991Z","times_seen":3,"resource_available":false,"data":null}},"time_used":4007,"timings":{"blocked":3786,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202507/25/202507251023260490.jpg","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.407Z","timestamp":1781718293407,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202507/25/202507251023260490.jpg HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 25 Jul 2025 02:23:26 GMT\r\nAccept-Ranges: bytes\r\nETag: \"18df31abfddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c88167ab02f8f25a4a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:56 GMT\r\nContent-Length: 7229\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":7229,"size_decoded":7539,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2031276c49853a9d630eaedc031878a6","sha1":"6ee68ee4744f9cf10c1a86d584e54b830e8a2f71","sha256":"8ce20647dc1cf92fc7cf64abe8aacd8d9b5ed6ee0217abca2b710e926e721059","sha512":"b9c7472b3f6728ad7e06335cb4a1971f88826e6a6879a7d50683c5d98dc5f1b1bc088bf4048ccc41a04ecf1d5efa1cec840d3a4ae15cf2c972b62afc75b90f43","ssdeep":"192:D7xMZ+sPFkhHkR7Xe6EmOTZxptuzU2rRWw:Dw+sPFaEZeRrLowip","tlshash":"37e19e8dabc7d6c0f77b90ab84a55e10d5dcc314798adf8212e092aef09b632890577d","first_seen":"2026-04-18T07:55:07.722256Z","last_seen":"2026-06-17T17:45:20.470602Z","times_seen":3,"resource_available":false,"data":null}},"time_used":4023,"timings":{"blocked":3809,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/img/icon3.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.599Z","timestamp":1781718293599,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/img/icon3.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Tue, 22 Sep 2020 07:09:57 GMT\r\nAccept-Ranges: bytes\r\nETag: \"dcdc160af90d61:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c8f167ab02f8fdd12a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:57 GMT\r\nContent-Length: 1031\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1031,"size_decoded":1341,"mime_type":"image/png","magic":"PNG image data, 26 x 14, 8-bit/color RGBA, non-interlaced","md5":"b3715d1f4bd85c1264270d376243a944","sha1":"1924aea051a1a8c3f5e26fd0adfb19e683c6109d","sha256":"c3cdb4c646dfaedc03f48901cc4a32c57a5555f35efccf2e22c90d2ff2942414","sha512":"0133d1a87002719bcc17058b2c682a2f058a9c1f7463b22bb8b3dd456a0bf8b7c03a60fa56573e788430a6db0bc3e7372a3870533ee9f7927708e364a6645aa7","ssdeep":"","tlshash":"61116509fda9b8466bd4c8c215fa4033cd170a80d9c0b879b7aec01a5974ab50c5f9eb","first_seen":"2026-04-18T07:55:07.719797Z","last_seen":"2026-06-17T17:45:20.473914Z","times_seen":3,"resource_available":false,"data":null}},"time_used":4468,"timings":{"blocked":4257,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/images/index/footer_address.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.663Z","timestamp":1781718292663,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/footer_address.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/images/index/footer_address.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":685,"timings":{"blocked":501,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202510/29/202510290924331014.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.913Z","timestamp":1781718292913,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202510/29/202510290924331014.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Wed, 29 Oct 2025 01:24:33 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4ddbdec77248dc1:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c77167ab02f8f2417a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 1422184\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/jquery.min.js","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.399Z","timestamp":1781718292399,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.min.js HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 738\r\nLast-Modified: Mon, 26 Jan 2026 02:30:54 GMT\r\nConnection: keep-alive\r\nETag: \"6976d1de-2e2\"\r\nExpires: Wed, 17 Jun 2026 18:44:52 GMT\r\nCache-Control: max-age=3600\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":738,"size_decoded":1051,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (738), with no line terminators","md5":"84dbd62ab21f9a080a3c75007194d6f4","sha1":"c5e7a0dcb98e094964d941fd44af99c097255501","sha256":"2ba1b5b707262ff63d5557ef29c82e3c5fb59728b65d95b56ad14382f367877b","sha512":"e86349b8322b0e3317d56bdfe0ef17de495872e979b11bf4bf9857983299905753be82bfea15028e6dfcb00ce5273725e074061d3fc0714c11310a5755b0536e","ssdeep":"","tlshash":"ed01fbd887c4d85f6ecc5d53ea14deca62b2812b97d971838328fe8c05a9152c85c489","first_seen":"2023-03-07T12:08:36Z","last_seen":"2026-06-18T04:33:43.893526Z","times_seen":274,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":164,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202507/18/202507181505334401.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.662Z","timestamp":1781718292662,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202507/18/202507181505334401.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202507/18/202507181505334401.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":603,"timings":{"blocked":422,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/img/share_ico.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.672Z","timestamp":1781718292672,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/img/share_ico.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/img/share_ico.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":705,"timings":{"blocked":546,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202406/25/202406251135377060.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.230Z","timestamp":1781718293230,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202406/25/202406251135377060.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Tue, 25 Jun 2024 03:35:37 GMT\r\nAccept-Ranges: bytes\r\nETag: \"5554b7beb0c6da1:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c82167ab02f8f298ba3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:54 GMT\r\nContent-Length: 56424\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":56424,"size_decoded":56736,"mime_type":"image/png","magic":"PNG image data, 410 x 109, 8-bit/color RGBA, non-interlaced","md5":"341901273c6d40c87856c9104f3038b5","sha1":"9d02f1305057d370d814217d600cdb23004b46b0","sha256":"9058361c5bcc67770e932825dbac8519503100352fefab45791873fd87024f9b","sha512":"548a549d56654f60e01d30abfc3361a4f49dd9481f15a41bbab0f0a7e28454bb14854ec3808d5b89a3650fac6039c7b377891dd8c37b47ac1c9a6ea5ad18bdce","ssdeep":"1536:PcAyRPHO7dPobAFbmzh+UWomLPnny7rn3GeF:UAyRPwSbEmFhWoi/k1F","tlshash":"1243021d29d58bd4eb557c6cc0535ad1bafc22e3dcf9a27a82f0204e15a93778d6a032","first_seen":"2026-04-10T12:59:08.566248Z","last_seen":"2026-06-17T17:45:20.476223Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3985,"timings":{"blocked":2294,"dns":0,"connect":0,"send":0,"wait":213,"receive":1478,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202201/07/202201071625290742.jpg","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.691Z","timestamp":1781718293691,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202201/07/202201071625290742.jpg HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 07 Jan 2022 08:25:29 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3437021a03d81:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c90167ab02f8fd032a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:57 GMT\r\nContent-Length: 344566\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":344566,"size_decoded":344878,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3040, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=5874], baseline, precision 8, 1920x630, components 3","md5":"e1b1860f76f9bd9cd5eb8e9d711014c4","sha1":"bbbde33f37b6463da12924e97441b9255e5c6972","sha256":"6e337082d99d457106d97c27efe407d895a51dd65aee8bdff680133725da5b25","sha512":"b21c8e70815c58d0552d5089359291d34b75ccc2c98fde89a9dfb7aacb83ea3cce38142d358f753ff69fa9993fa797d4596e36ab5d817b790ef310e77f9b30fd","ssdeep":"6144:pfqNYt89icHfzCSoHPFfbnuHqiEAD+FzXWCj7mgOpQvxQ03I6Nnle602:pfqit89dHfzCSovNnuHCBXjHOe6046Nd","tlshash":"23742358df3a86d3ddef967926d0ebe093a6c22cd789e7c634dd1c41b3a2115b98d020","first_seen":"2026-04-10T12:59:08.593387Z","last_seen":"2026-06-17T17:45:20.476713Z","times_seen":4,"resource_available":false,"data":null}},"time_used":8823,"timings":{"blocked":4544,"dns":0,"connect":0,"send":0,"wait":228,"receive":4051,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202201/07/202201071625290742.jpg","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.645Z","timestamp":1781718292645,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202201/07/202201071625290742.jpg HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202201/07/202201071625290742.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":1009,"timings":{"blocked":847,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/images/index/list.jpg","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.650Z","timestamp":1781718292650,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/list.jpg HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/images/index/list.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":342,"timings":{"blocked":155,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202411/21/202411211635164790.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.659Z","timestamp":1781718292659,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202411/21/202411211635164790.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202411/21/202411211635164790.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":527,"timings":{"blocked":345,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202406/25/202406251135377060.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.661Z","timestamp":1781718292661,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202406/25/202406251135377060.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202406/25/202406251135377060.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":546,"timings":{"blocked":385,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"image2.sinajs.cn/newchart/min/n/sz000722.gif?_=1319610363531","fqdn":"image2.sinajs.cn","domain":"sinajs.cn","tld":"cn"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.655Z","timestamp":1781718292655,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /newchart/min/n/sz000722.gif?_=1319610363531 HTTP/1.1\r\nHost: image2.sinajs.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/images/index/product3.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.656Z","timestamp":1781718292656,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/product3.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/images/index/product3.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":423,"timings":{"blocked":244,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/images/index/product2.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.658Z","timestamp":1781718292658,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/product2.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/images/index/product2.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":501,"timings":{"blocked":343,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fcl.xueyuxingfeng.com:6987/master/faith/sj.js","fqdn":"fcl.xueyuxingfeng.com","domain":"xueyuxingfeng.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.826Z","timestamp":1781718292826,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /master/faith/sj.js HTTP/1.1\r\nHost: fcl.xueyuxingfeng.com:6987\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/images/index/list_log2.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.929Z","timestamp":1781718292929,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/list_log2.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 16 Dec 2021 17:24:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"088ccc9a1f2d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c79167ab02f8fb134a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 805\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":805,"size_decoded":1114,"mime_type":"image/png","magic":"PNG image data, 28 x 27, 8-bit/color RGBA, non-interlaced","md5":"004dd26f3a19fc9689142324a49970fb","sha1":"90d4333faed53bdca6da08754f38d576d653c686","sha256":"0f5cad34c7c46b4aa823f5f8f3de3ddc4acd7aad7822944984e11786a3723929","sha512":"09abf2b89f9bcdc8c8994aeb0f21039786435586429c53296cbc0c32c8a33a4d5c102c6909cb37a8e355c07d5e9e99e1a8245242801a5296c85ed6accf3bd00e","ssdeep":"","tlshash":"6a010ab34be240d80c12c27e7e0024fee822c50471a0503daad4e3d60119445b485663","first_seen":"2026-04-10T12:59:08.567175Z","last_seen":"2026-06-17T17:45:20.478125Z","times_seen":5,"resource_available":false,"data":null}},"time_used":999,"timings":{"blocked":0,"dns":574,"connect":209,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/images/index/footer_address.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.370Z","timestamp":1781718293370,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/footer_address.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 16 Dec 2021 17:24:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"088ccc9a1f2d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c84167ab02f8f4d84a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:56 GMT\r\nContent-Length: 771\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":771,"size_decoded":1080,"mime_type":"image/png","magic":"PNG image data, 16 x 20, 8-bit/color RGBA, non-interlaced","md5":"d821e94346eb27962b4904728a23da33","sha1":"cd752f9a115f9b110ac6b3f251f4300b9085de0a","sha256":"f9405b82158474c1713f93e855bd811d3f80dc8272e5c47ab914507178c663e3","sha512":"158aa292029bd62e45131c72b96331dc5c3a63f2cbe61ce24fe67d362706e9243a44b28316740220dc9b996777d584569a6e349dccce05d26d4a5fb896d62e14","ssdeep":"","tlshash":"2301706c2a04192c823843300e185c28ffe8c83689a22c2fcc4f5b7e2666c6d01f3d06","first_seen":"2026-04-18T07:55:07.706483Z","last_seen":"2026-06-17T17:45:20.479192Z","times_seen":3,"resource_available":false,"data":null}},"time_used":3395,"timings":{"blocked":3183,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/js/swiper.min.js","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.634Z","timestamp":1781718292634,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/js/swiper.min.js HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":128896,"size_decoded":39227,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65271)","md5":"fadccfba38e59db99ddb37aef69aa395","sha1":"ac1831d72741f5db56286b12772c46c43431bfb5","sha256":"1ef9f1124c52a867f16d46dee4f4640b0a7ef7e98673f1491fc61f6429262f5f","sha512":"2ac3a0c908635c9ed24581f3c609159a7aecd4ee9dc9906d24e06f5b027a673f32a190b83ceb16930938aabc90a9e74f6cab736511c159d1aa604199715ffa82","ssdeep":"1536:1VKN6iIskfKKhLK8u5coSAOElosOsymar5MIM4allpcXvH7WcWUxcPqylCE8EtOv:1KKhmlSAO4oaWal4fH7WcWUxcPqntqK","tlshash":"4bc31849b35075e551e72256535ec601a3b66845b90ac0a831b2d8d7acbce8c03bfffd","first_seen":"2025-12-20T00:35:42.957946Z","last_seen":"2026-06-17T17:45:20.479698Z","times_seen":12,"resource_available":true,"data":null}},"time_used":346,"timings":{"blocked":42,"dns":0,"connect":0,"send":0,"wait":159,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202601/22/202601221036306291.jpg","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.653Z","timestamp":1781718292653,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202601/22/202601221036306291.jpg HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202601/22/202601221036306291.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/img/share_ico.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.529Z","timestamp":1781718293529,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/img/share_ico.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Tue, 22 Sep 2020 07:12:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"143ac2af90d61:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c8a167ab02f8f4fc6a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:57 GMT\r\nContent-Length: 1434\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":1434,"size_decoded":1743,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"766f98f57ec0c7579fb1dd59a5c55ce3","sha1":"a44d2ad6f999ba178981695ee3c4647a54542317","sha256":"5f40261b83a211fa508625a4243dd0677ff224d88dca4bda9c1a95f7d7d21bb7","sha512":"3523c00816344dcd5351e6b75949049e34a8329baae230d5728d2c96648add96f604b152fe9a8b605b31f36caed66d0ad40efbb1898bb2631319f4b6f88fa4c4","ssdeep":"","tlshash":"2921770bfb207c47d6ddd8511cfb803698634d407490f579b6afc4910e796bf4a468ca","first_seen":"2026-04-18T07:55:07.750788Z","last_seen":"2026-06-17T17:45:20.480246Z","times_seen":3,"resource_available":false,"data":null}},"time_used":4117,"timings":{"blocked":3902,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/js/index.js","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.626Z","timestamp":1781718292626,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/js/index.js HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1400,"size_decoded":884,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"6efcdf2c4d4c8f029b6646ad52da655d","sha1":"0c78328554e1f9542ed2b2c4bd6126c8e05a3ae0","sha256":"1fd9ea29089acfd56ec06af65a2d4ce6ddff4cd89e83bad13633cfd09c3482c7","sha512":"68a76519d0a2f2ca293a1f4d888b5098b5e561d19e0e984fbc0b56701871e9124285e913c71b8bbc9313a46a4eae47c03f86dad22fb32f01cdaebd82a2b021f5","ssdeep":"","tlshash":"f121cb48f2a823e424bf71b9373fe408662605476a6649c0fa3d82584fc0a3c6657fed","first_seen":"2026-04-10T12:59:08.592391Z","last_seen":"2026-06-17T17:45:20.480838Z","times_seen":5,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202204/12/202204121145231877.jpg","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.660Z","timestamp":1781718292660,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202204/12/202204121145231877.jpg HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202204/12/202204121145231877.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":541,"timings":{"blocked":382,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/img/icon3_on.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.603Z","timestamp":1781718293603,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/img/icon3_on.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Tue, 22 Sep 2020 07:09:57 GMT\r\nAccept-Ranges: bytes\r\nETag: \"6ee5d860af90d61:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c8e167ab02f8f4f14a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:57 GMT\r\nContent-Length: 1037\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1037,"size_decoded":1348,"mime_type":"image/png","magic":"PNG image data, 26 x 14, 8-bit/color RGBA, non-interlaced","md5":"c50014db7d4f696d3a289fcbed52c3de","sha1":"8bed96b221d2640ff8606773aaaa1f46ef85566a","sha256":"2f5fa238376b663fe571b1145bd82747fa9a839eb5bfbc5c869c1db2a73462e1","sha512":"2a9391bfb4f4d23f05235b0f462b3055de0c560a4bae0a4fa70d79dfb658f25cb42e136dbd614474ca4396c2a21991d7396b3c0b28f87d5f4606cb39ea76c7d7","ssdeep":"","tlshash":"a4116586ef1118469af8d88129fbd12749128980d8e0f2a3b6cfc4561e65df3649d8c7","first_seen":"2026-04-18T07:55:07.732953Z","last_seen":"2026-06-17T17:45:20.482008Z","times_seen":3,"resource_available":false,"data":null}},"time_used":4662,"timings":{"blocked":4451,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T17:44:51.794Z","timestamp":1781718291794,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:1.12.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":37827,"size_decoded":10263,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (561)","md5":"7336470e9fedf36f9870c62a7a6f88a7","sha1":"e35520fb4772ae5dc64ef7e24a5e3c8f03deec0b","sha256":"70192e32f2b815cd56cc4e1b9986222537e9b206d2c9e87d08c24e74076e7b1e","sha512":"32b3d2cb66b359c3b7d913d54ea14896edb65b42fba162a3c925d2e4cf7670ebf14d16a3e6f0a23dc00b866ec321fd84b62522970217baa53626191fd076d305","ssdeep":"384:ws8UUt19BeRRuXi1rmL7fWGZU0Um/xiIwh5e21M+LOe0uxdak9iHIHWBWFnhI2cJ:C9YrILZeE21j0qf50T9QyrxSGNldt","tlshash":"f5f2741007ddb92b1d5722e266d2272af49efa32d0562d4173fe599a9fc3f438e2d044","first_seen":"2026-04-10T12:59:08.581654Z","last_seen":"2026-06-17T17:45:20.482619Z","times_seen":5,"resource_available":true,"data":null}},"time_used":660,"timings":{"blocked":-1,"dns":4,"connect":165,"send":0,"wait":326,"receive":165,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/images/index/footer_ait.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.667Z","timestamp":1781718292667,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/footer_ait.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/images/index/footer_ait.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":568,"timings":{"blocked":403,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202601/22/202601221036306291.jpg","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.066Z","timestamp":1781718293066,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202601/22/202601221036306291.jpg HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\nLast-Modified: Thu, 22 Jan 2026 02:36:30 GMT\r\nAccept-Ranges: bytes\r\nETag: \"ed6d70ea478bdc1:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c7b167ab02f8fd67ca3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 8683324\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/images/index/product3.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.107Z","timestamp":1781718293107,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/product3.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 16 Dec 2021 17:24:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"088ccc9a1f2d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c7c167ab02f8f2d2fa3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 2300\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":2300,"size_decoded":2610,"mime_type":"image/png","magic":"PNG image data, 59 x 58, 8-bit/color RGBA, non-interlaced","md5":"d359c2d0687da3fa47b7d5acec298bd2","sha1":"7a39669e16af56e239eb09354ffa42845f233b2c","sha256":"0493ccd2f5c01aed15917b03824a854b16caa732b228fd26120932dd38859c5f","sha512":"fcf8154d055dded4a8081ad83c36ef4547da83232804dc53b6f5277af456dd1a656bd27c7391447df10cbb0faa1db63d25255648fe2f8687d1783e8ffeae1f67","ssdeep":"","tlshash":"ec412dd1105e6c0e227e2e38b4651592f5bbb5ce14dbadb31f0290b98f7c505c381009","first_seen":"2026-04-10T12:59:08.574468Z","last_seen":"2026-06-17T17:45:20.48386Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1072,"timings":{"blocked":849,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/images/index/product2.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.185Z","timestamp":1781718293185,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/product2.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 16 Dec 2021 17:24:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"088ccc9a1f2d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c7f167ab02f8f9d06a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 2664\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":2664,"size_decoded":2974,"mime_type":"image/png","magic":"PNG image data, 71 x 62, 8-bit/color RGBA, non-interlaced","md5":"ac68860e3a682a881b77445f871ead82","sha1":"89495627d8beac80f374d02e0fb9bfe1f88d6d6b","sha256":"798673375900f6feee82b77e9490feb791ca4a578251275cb946c034e5be2a3a","sha512":"f68d54eb0c8a5aa27b7327199b16a6287e7356842b8607a1190294ade4ccf7ac5865ac02110f903e8096f7ed7a251864e9a8f327555a2a7c8e9ae0d591e68887","ssdeep":"","tlshash":"58512bcf2bc28dab8a5885e4c13055c5653f8e9e467c7e4dc11ab3565883c5a5460c7a","first_seen":"2026-04-10T12:59:08.564458Z","last_seen":"2026-06-17T17:45:20.484741Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1170,"timings":{"blocked":959,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202204/12/202204121145231877.jpg","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.226Z","timestamp":1781718293226,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202204/12/202204121145231877.jpg HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\nLast-Modified: Tue, 12 Apr 2022 03:45:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"68b327bd1f4ed81:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c80167ab02f8fbb4ea3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 39644\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":39644,"size_decoded":39957,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:04:12 11:34:11], baseline, precision 8, 410x109, components 3","md5":"81d7fe3b3cf955ea4eb20677b02256f3","sha1":"43ce0a27dc229f47661ecc160963678648fbe5a0","sha256":"888cc2853d8565fcb22f26d617db1ba0cd60a11d365966e90ee3982863b398e0","sha512":"fe7f1c4271584186bf14be4a0785a977bffcf174a92f06136738ecc3dea7cddd71c6273ed89bdbb6c0f75513bbfbc53a3bd9f6c2db93466bdccfe0992e62bca2","ssdeep":"768:SZW7zPQW7Xs8YyCgfgL/iHR/AtmD4WN4FZFJGUPOuk7EeH:19bs8mg44dD1N4FRGUWhhH","tlshash":"6403e17597668e51fde46270a8d4e3a7d301dd1c6a33926bb05cb4403ff1098ad4d38b","first_seen":"2026-04-10T12:59:08.572386Z","last_seen":"2026-06-17T17:45:20.485572Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3110,"timings":{"blocked":1128,"dns":0,"connect":0,"send":0,"wait":664,"receive":1318,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-1.12.4.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.1.155","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.623Z","timestamp":1781718292623,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 20 May 2026 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DE:F8:0F:C4:8F:BC:F5:01:B1:66:91:CC:15:DC:D8:6E:5D:2F:45:4E","sha256":"05:8E:2E:14:85:E2:41:28:F5:18:A4:37:49:31:2B:0E:24:53:64:3F:02:15:BE:63:EF:F4:B8:53:5A:8B:6D:29"}}},"request":{"raw":"GET /jquery-1.12.4.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-17b8b\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 17 Jun 2026 17:44:52 GMT\r\nage: 976164\r\nx-served-by: cache-lga21956-LGA, cache-bma-essb1270067-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 35228, 19654\r\nx-timer: S1781718293.658924,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 33738\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":97163,"size_decoded":34378,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32077)","md5":"4f252523d4af0b478c810c2547a63e19","sha1":"5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb","sha256":"668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404","sha512":"8c6b0c1fcde829ef5ab02a643959019d4ac30d3a7cc25f9a7640760fefff26d9713b84ab2e825d85b3b2b08150265a10143f82e05975accb10645efa26357479","ssdeep":"1536:GYE1JVoiB9JqZdXXe2pD3PgoIiulrUdTJSFk/zkZ4HjL5o8srOaS9TwD6b7/Jp9i:t4J+R3jL5TCOauTwD6FdnCVQNea98HrV","tlshash":"8893d7d9b6d6706287b734a851bf410bb17aa8eab40c4c60f058c8e47e74e9d507bf2d","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-06-18T07:34:05.152195Z","times_seen":80199,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":2,"connect":9,"send":0,"wait":10,"receive":3,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202507/18/202507181504012075.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.638Z","timestamp":1781718292638,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202507/18/202507181504012075.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202507/18/202507181504012075.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":885,"timings":{"blocked":723,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/images/index/product1.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.217Z","timestamp":1781718293217,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/product1.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 16 Dec 2021 17:24:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"088ccc9a1f2d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c81167ab02f8f4d7ca3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Length: 1987\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":1987,"size_decoded":2297,"mime_type":"image/png","magic":"PNG image data, 59 x 59, 8-bit/color RGBA, non-interlaced","md5":"d632e49f709cffa5e72257554f4497f2","sha1":"ae270bfd5f0ab6fea0a4df28b2f0a0e24b3aadab","sha256":"572da5e4cb8f0f07035f2c1995f033d995f6a36341487ffd89e48e5dd45134e9","sha512":"4a2fb47d6c8fec1ee698aafb97d40ac04a03dbb770ffcd70cd41d62e337ba88135c7a5ddad448caed050c22b4d304097c86d749100dc294c9b7ad5ebabc82207","ssdeep":"","tlshash":"ef410ce70f9158edd5db6567fd428010a49882daa84851f84e00db4e2b9b5582287ed5","first_seen":"2026-04-10T12:59:08.571645Z","last_seen":"2026-06-17T17:45:20.487067Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2306,"timings":{"blocked":1131,"dns":0,"connect":0,"send":0,"wait":1175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202209/13/202209131130104016.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.465Z","timestamp":1781718293465,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202209/13/202209131130104016.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Tue, 13 Sep 2022 03:30:10 GMT\r\nAccept-Ranges: bytes\r\nETag: \"cc17b52021c7d81:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c8b167ab02f8f34a4a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:57 GMT\r\nContent-Length: 19256\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":19256,"size_decoded":19568,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"d0289dc0a46fc5b15b3363ffa78cf6c7","sha1":"29c400bc3b89f6085766dac4e0330ded5cb73d52","sha256":"a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513","sha512":"10a9cd6fd64b8107db8b058eb8c4cc0fe23bb5c13a91d40caf93d323f4a15f1b34463bf0eacb0239c6dbd699ec6c49a8625e86cec674cc7b351509155b889e7f","ssdeep":"96:VSMllcHitlIxv9vk7C1+I4wWHLihk/xGWvki7rxmVKXUsDEVWvdNGthls+GfNXrL:VSHIIHUCD4wabkijpso15909rfEx","tlshash":"1c823928fcf0b125548993393de674095c779bc3c681ac45badc8a0b6f00fa95d6b183","first_seen":"2023-04-16T20:03:19Z","last_seen":"2026-06-18T05:39:15.108513Z","times_seen":10298,"resource_available":false,"data":null}},"time_used":4378,"timings":{"blocked":3950,"dns":0,"connect":0,"send":0,"wait":215,"receive":213,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202507/18/202507181504012075.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.577Z","timestamp":1781718293577,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202507/18/202507181504012075.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Fri, 18 Jul 2025 07:04:01 GMT\r\nAccept-Ranges: bytes\r\nETag: \"2d89a923b2f7db1:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c8c167ab02f8fa242a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:57 GMT\r\nContent-Length: 10364\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":10364,"size_decoded":10676,"mime_type":"image/png","magic":"PNG image data, 317 x 36, 8-bit/color RGBA, non-interlaced","md5":"1370c4851862f73dbfa8cefb8511d637","sha1":"ca8b2a3012ac29b5be80092c87df3eb4e7f3c999","sha256":"f1107d783b5ef15eeaa434621cd1bf2fc2d4c87d9159f502e645ca874b6c14c9","sha512":"5362b010329ce23180bb1701c9b05ee1107055c291bc36e52ab2c9656648f3d80f8d0e1f51de7ed4ed3e0c7a65a22d1c9883c208c274f46040abc304ff5e25e5","ssdeep":"192:XQno7UU+KvyE9R0QzHJ2+iimx9JqG10dPiKNu9RzDAeSEFCch8mjOCWz3+U:XQnuL3jHJ2+iiAqG10Xu9xDAehFTimC7","tlshash":"3622bf7ef886e1a3e80c56a9e2ff88d2ac530ec478d6f064de9d34550c9e97982900d2","first_seen":"2026-04-10T12:59:08.577581Z","last_seen":"2026-06-17T17:45:20.488075Z","times_seen":5,"resource_available":false,"data":null}},"time_used":4478,"timings":{"blocked":4266,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202112/23/202112231205238902.jpg","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.674Z","timestamp":1781718293674,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202112/23/202112231205238902.jpg HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\nLast-Modified: Thu, 23 Dec 2021 04:05:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4dda634fb2f7d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c91167ab02f8fc546a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:57 GMT\r\nContent-Length: 963060\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":963060,"size_decoded":963374,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2018:08:10 10:57:57], baseline, precision 8, 1920x630, components 3","md5":"0e43ff7bdc725e801ab4a7c9da79b279","sha1":"a4c7fad17bc6deab478c423b0b957bdd63357ba3","sha256":"e263073829325313033f33cac465db0d3fdf7c56df942ed3284e95daebcefac4","sha512":"25be20b3bbbd3eff702b2c8376ccfc5a3ab842def89f3e18ad31118ed79568901c0719727d22043b253c89060e15f1c1a4f050f28d6b3a34bd29188964b24617","ssdeep":"12288:tBzFsjrkRVR3RIrgm+ny+fY6bazZnSGHxMMpocTXPxslUuzknPac0PQ2P46IhaxA:tBzFsjOPtc+RAxG8X5slUsSaDIWi4I","tlshash":"7b2523385c207e59cc8aabf65093de9724331ea892940d1ab4cd6dd7b730ee13f88d19","first_seen":"2026-06-16T14:09:13.708106Z","last_seen":"2026-06-17T17:45:20.489364Z","times_seen":2,"resource_available":false,"data":null}},"time_used":14082,"timings":{"blocked":4399,"dns":0,"connect":0,"send":0,"wait":213,"receive":9470,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/css/common.css","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.432Z","timestamp":1781718292432,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/css/common.css HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2977,"size_decoded":1209,"mime_type":"text/css; charset=utf-8","magic":"assembler source, ASCII text","md5":"74cfc8c08b3688cc9b45a69280512a3c","sha1":"193efb643c494d7b58a77d94e58c5177aba3772e","sha256":"044c94c9ccce9695b06139f5085af2928160b305afd0b4b3b22b7861394b9661","sha512":"f53ef280d368735e9cd02412dea489312d3da8035f4354d0a9501a307134a7b419bcddac50ca03d29ae54f24359d049ed80844e7d181b1de36331dac2fde3f01","ssdeep":"","tlshash":"8d51e1e799b51908a457d574bc124b16b36ec413834fdc74bee8211cddcbb8588a339d","first_seen":"2026-04-10T12:59:08.570814Z","last_seen":"2026-06-17T17:45:20.49054Z","times_seen":5,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":146,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202601/22/202601221045157050.jpg","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.646Z","timestamp":1781718292646,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202601/22/202601221045157050.jpg HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202601/22/202601221045157050.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202507/18/202507181505334401.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.288Z","timestamp":1781718293288,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202507/18/202507181505334401.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Fri, 18 Jul 2025 07:05:33 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a91ea35ab2f7db1:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c85167ab02f8f0bb5a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:56 GMT\r\nContent-Length: 8155\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":8155,"size_decoded":8466,"mime_type":"image/png","magic":"PNG image data, 317 x 36, 8-bit/color RGBA, non-interlaced","md5":"c5797c09d2e597fcae84cc4148683ad3","sha1":"c785af01dcc8b08745e4332757b584648d37a40a","sha256":"2d2bc86f44255d76f1ffc423ed5161e96342251d60a73557566c498729eaf82b","sha512":"617a65b01f6f23ad2324cbbb773c393fe5feff16f77212bb7aaf2b1a72d64221f36e5c5471d56315c2a6b5df7af5363b9d25d0357fe939cc1c9b54204f8542f5","ssdeep":"192:/cqJK07M8iCpWb9UiZANIHz1pfwPsFTQyE2fGdt4:GynE9DZAkz1hysF0D2Et4","tlshash":"8af1af89fc607583cd4eac9524db4f1aa4271e44f9c0c479f1ceed2b2d79aa00c2128a","first_seen":"2026-04-10T12:59:08.569734Z","last_seen":"2026-06-17T17:45:20.491108Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3265,"timings":{"blocked":3049,"dns":0,"connect":0,"send":0,"wait":212,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/images/index/product1.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.657Z","timestamp":1781718292657,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/product1.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/images/index/product1.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":529,"timings":{"blocked":342,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/images/index/footer_tel.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.665Z","timestamp":1781718292665,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/footer_tel.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/images/index/footer_tel.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":582,"timings":{"blocked":390,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/img/share_ico_on.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.673Z","timestamp":1781718292673,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/img/share_ico_on.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/img/share_ico_on.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":730,"timings":{"blocked":568,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/img/icon3.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.674Z","timestamp":1781718292674,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/img/icon3.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/img/icon3.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":758,"timings":{"blocked":573,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/img/icon3_on.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.675Z","timestamp":1781718292675,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/img/icon3_on.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/app/static/computer/img/icon3_on.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":762,"timings":{"blocked":579,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/img/share_ico_on.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.561Z","timestamp":1781718293561,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/img/share_ico_on.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Tue, 22 Sep 2020 07:12:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4462ec2af90d61:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c8d167ab02f8f975ea3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:57 GMT\r\nContent-Length: 1318\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1318,"size_decoded":1628,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"e57d063e949de3751758267c16e48279","sha1":"526bf0c69b31768927431de26c4ebaac76c5dfc6","sha256":"8d2e58ad69ef569b0ad472044ef78c7abbe9a4e8485f767f95d100ac21f9a564","sha512":"77a136acc57314ceb736d2aa74d4255b2e7ff8853f8f924d2294c998dbfab6344efbd93df4c89c6d1b045f9bcaad3c4a08d6535c73cc799badf561c223a3a175","ssdeep":"","tlshash":"5721721bfb95e584b29de89138d3803794230480e9d0f476aecac1460e65ab289da9d7","first_seen":"2026-04-18T07:55:07.742338Z","last_seen":"2026-06-17T17:45:20.492397Z","times_seen":3,"resource_available":false,"data":null}},"time_used":4300,"timings":{"blocked":4085,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/upload/202601/22/202601221045157050.jpg","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.714Z","timestamp":1781718293714,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202601/22/202601221045157050.jpg HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\nLast-Modified: Thu, 22 Jan 2026 02:45:15 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f436623498bdc1:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c93167ab02f8f569ea3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:57 GMT\r\nContent-Length: 4787415\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/app/static/computer/css/swiper.min.css","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.400Z","timestamp":1781718292400,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/css/swiper.min.css HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19798,"size_decoded":3734,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (19533)","md5":"6c1ec3a038a24ce46e374fc4ba26ea95","sha1":"27650e8aaa257fd8f9841db734994b525ae0179e","sha256":"9a2b860be289fc8b54b37b74083c191b4981a79c73ed3acd141d3e60bccf94de","sha512":"2e4f92fd1b19734b8318ed055298abf73185eda96d0f8fe9507bda54939683bde4003465b914d023c26eae6a1e6c7b6e14637786a286da2170f2729a4b6e0d56","ssdeep":"192:3xaNf/lSSyJWCh8zfi5o/mXDN3eBxwdJ5c:3xa1/lS0Cifi5o/mXOGJ5c","tlshash":"e792622c17003057e2334f1a87d99778c724c9939e4358ef6250ee48c7bb96a32af766","first_seen":"2023-04-06T22:37:14Z","last_seen":"2026-06-17T22:29:59.991373Z","times_seen":1807,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":145,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"three.laitiaozhan.com/upload/202512/31/202512311431303954.png","fqdn":"three.laitiaozhan.com","domain":"laitiaozhan.com","tld":"com"},"ip":{"addr":"50.3.173.141","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:52.647Z","timestamp":1781718292647,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/202512/31/202512311431303954.png HTTP/1.1\r\nHost: three.laitiaozhan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://three.laitiaozhan.com/\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 17:44:52 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hnfzgf.com/upload/202512/31/202512311431303954.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"three.laitiaozhan.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"three.laitiaozhan.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hnfzgf.com/app/static/computer/images/index/footer_ait.png","fqdn":"www.hnfzgf.com","domain":"hnfzgf.com","tld":"com"},"ip":{"addr":"47.112.126.177","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://three.laitiaozhan.com/","date":"2026-06-17T17:44:53.391Z","timestamp":1781718293391,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /app/static/computer/images/index/footer_ait.png HTTP/1.1\r\nHost: www.hnfzgf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://three.laitiaozhan.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 16 Dec 2021 17:24:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"088ccc9a1f2d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: _d_id=3c87167ab02f8f24f9a3b0ff19d332; Path=/; HttpOnly; SameSite=Strict\r\nDate: Wed, 17 Jun 2026 17:44:56 GMT\r\nContent-Length: 1312\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1312,"size_decoded":1622,"mime_type":"image/png","magic":"PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced","md5":"f29c446c8178669652133ec479cde65a","sha1":"bfce8d6b3db8d9f4ce7644252180b7a801944891","sha256":"defd542c959bf85227d8347426f4a15560c6718b3ce0dc1f544a3984d19a1d27","sha512":"c1ca316e80c4aa5828bc902302a9d10316f3d756cb383417ba2070969624fc3ec0dcfb7ec7086fd825a811b223684a29e1257454af6cd3b84a709087f05ab8c0","ssdeep":"","tlshash":"bc21f8132710b13bcc8d20500c23040ad3bfa2a248bb6419099d249af96fa1c2fe6ad5","first_seen":"2026-04-18T07:55:07.75169Z","last_seen":"2026-06-17T17:45:20.493859Z","times_seen":3,"resource_available":false,"data":null}},"time_used":3589,"timings":{"blocked":3374,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}